Grid Computing
Def
combination of computer resources from multiple administrative domains applied to a common task*
Core idea
distributed parallel computation
* http://en.wikipedia.org/wiki/Grid_computing
Utility Computing
Def
The packaging of computing resources (computation, storage etc.) as a metered service similar to a traditional public utility*
Observation
not a new concept
"If computers of the kind I have advocated become the computers of the future, then computing may someday be organized as a public utility just as the telephone system is a public utility... The computer utility could become the basis of a new and important industry." - John McCarthy, MIT Centennial in 1961
* http://en.wikipedia.org/wiki/Utility_computing
Cloud Computing
Is cloud computing?
Various definitions
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.*
* http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc
a consumer can unilaterally provision computing capabilities without human interaction with the service provider
computing capabilities
capabilities are
available over the network
accessed through standard mechanisms
promote use by
heterogeneous thin or thick client platforms
provider's computing resources are pooled to serve multiple consumers
computing resources
storage, processing, memory, network bandwidth and virtual machines
no control over the exact location of the resources
performance, scalability, security
location independence
capabilities can be rapidly and elastically provisioned
unlimited virtual resources
predicting a ceiling is difficult
Relevant Technologies
Access
PCs (enterprise, home), mobile devices, hand-held devices
wired & wireless
large computing capacity
distributed
direct access storage devices vs. storage area networks
data centres
Relevant Technologies
Virtualization
Virtualization types
hardware
QEMU, Xen
VMware, Parallels
Relevant Technologies
Virtualization types
memory virtualization
decouples volatile random access memory (RAM) resources from individual systems
aggregates these resources into a virtualized memory pool available to any computer in the cluster
storage virtualization
abstracting logical storage from physical storage
NAS - network attached storage
data virtualization
data as an abstract layer, independent of underlying database systems, structures and storage
Relevant Technologies
Virtualization types
network virtualization
Question?
EC2 Compute Unit equals 1.0-1.2 GHz 2007 Opteron or 2007 Xeon processor
Relevant Technologies
APIs
no standards
SPI Services
SaaS (Software-as-a-Service)
network based access
multi-tenancy
single software release for all
SaaS Examples
Salesforce.com, Google Docs
SPI Services
SaaS & Multi-tenancy
Google docs
SaaS applications are "net native"
configurability, efficiency, and scalability
SOA & SaaS
cloud specific design, development & deployment
multi-tenant data
built-in metering & management
browser based client & client tools
customization via configuration
SPI Services
SaaS Disadvantages
dependency on
network, cloud service provider
performance
limited client bandwidth
security
good: better security than personal computers
bad: CSP is in charge of the data
ugly: user privacy
SPI Services
PaaS (Platform-as-a-Service)
Advantages
SPI Services
PaaS - Architectural Characteristics
multi-tenancy
native scalability
SPI Services
PaaS Disadvantages
inherits all from SaaS
choice of development technology is limited to vendor provided/supported tools and services
PaaS Examples
Google app engine
SPI Services
IaaS (Infrastructure-as-a-Service)
processing, storage, network, etc.
consumer is provided customized virtual machines
consumer has control over
OS, memory
storage
servers & deployment configurations
limited control over network resources
SPI Services
IaaS = utility computing??
maybe - NIST does not talk about JJ
Advantages
infrastructure scalability
native integrated management
economical cost
SPI Services
IaaS Examples
SPI Services
[Figure: boundaries of control across Hosted Deployment, IaaS Cloud, PaaS Cloud and SaaS Cloud; legend: Organization controlled]
[1] Visualizing the Boundaries of Control in the Cloud. Dec 2009. http://kscottmorrison.com/2009/12/01/visualizing-the-boundaries-of-control-in-the-cloud/
XaaS
XaaS (Everything-as-a-Service)
Security-as-a-Service
McAfee*
McAfee SaaS Email Archiving
McAfee SaaS Email Inbound Filtering
McAfee Vulnerability Assessment SaaS (PEN Tests)
CaaS - Communication-as-a-Service
VoIP, private PBX
* http://www.mcafee.com/us/enterprise/products/hosted_security/
[Figure: labels metering, security, PaaS, infrastructure, IaaS]
http://aws.amazon.com/
private cloud
infrastructure is operated solely for an organization
managed by the organization or by a third party
community cloud
supports a specific community
infrastructure is shared by several organizations
public cloud
infrastructure is made available to the general public
owned by an organization selling cloud services
hybrid cloud
infrastructure is a composition of two or more clouds deployment models
enables data and application portability
http://www.katescomment.com/images/CloudCube.png
http://queue.acm.org/detail.cfm?id=1394128
* http://en.wikipedia.org/wiki/Shard_%28database_architecture%29
web services cannot ensure all three of the following properties at once
consistency
set of operations has occurred all at once
availability
an operation must terminate in an intended response
partition tolerance
operations will complete, even if individual components are unavailable
ACID
* http://queue.acm.org/detail.cfm?id=1394128
optimistic and accepts that the database consistency will be in a state of flux*
supports partial failures
scalability promise
leads to levels of scalability that cannot be obtained with ACID*
* http://queue.acm.org/detail.cfm?id=1394128
consistency across functional groups is easy to relax
we encounter this on daily basis
some scenarios
update of online user profile
online master card payment
ATM cheque deposit
idempotent operations
permit partial failures
GFS - Google File System
HDFS - Hadoop Distributed File System
relaxed consistency
replication
highly available
fault-tolerant
eventual consistency
all replicas will be updated at different times and in different order
examples
Google BigTable, Yahoo PNUTS, Amazon S3
distributed computing
large problem broken into a set of small problems
each small problem
can be solved by a functional transformation of input data
remember pipes & filters??
can be executed in complete isolation
parallel computing
[Figure labels: concat, merge]
MapReduce
[Figure: MapReduce data flow; labels: grep, matches, concat, solution; count, counts, merge, solution]
MapReduce
Map
input: key/value pair
output: intermediate key/value pair
Reduce
input: intermediate key/value pair
output: final key/value pair
MapReduce
Examples
distributed grep
map
reduce
distributed wc
map
reduce
Security in Cloud
Security
Privacy
communication, persistence
Authenticity
data is from a known source
Integrity
data has not been tampered with
Access control
intersection attacks
hash / Message Authentication Code (integrity)
digital signatures (authentication, non-repudiation)
TLS/SSL (communication)
homomorphic encryption*
if E(p) = c then D(2c) = 2p (multiplication operation)
allows for data processing without decryption
promising but not practical so far**
increase as the access control granularity increases
* Gentry, C. 2009. Fully homomorphic encryption using ideal lattices. In Proceedings of the 41st Annual ACM Symposium on Theory of Computing (Bethesda, MD, USA, May 31 - June 02, 2009). STOC '09. ACM, New York, NY, 169-178.
** Bruce Schneier. Schneier on Security. http://www.schneier.com/blog/archives/2009/07/homomorphic_enc.html
allows a user to retrieve an item from the server without revealing the item to the database*
under research
* Chor, B., Kushilevitz, E., Goldreich, O., and Sudan, M. 1998. Private information retrieval. J. ACM 45, 6 (Nov. 1998), 965-981.
* Raykova, M., Vo, B., Bellovin, S. M., and Malkin, T. 2009. Secure anonymous database search. In Proceedings of the 2009 ACM Workshop on Cloud Computing Security (Chicago, Illinois, USA, November 13 - 13, 2009). CCSW '09. ACM, New York, NY, 115-126.
data in chun0s along with 39C for each chun0 server stores data chun0 + 39C combinations forward error correction
(,
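The chunk + MAC storage idea above, as an added Python example that is not part of the original slides: the client tags each chunk with a key the server never sees, the server stores the (chunk, MAC) pairs, and the client later audits them. HMAC-SHA256, the `file_id` value, binding the chunk index into the MAC and all function names are assumptions made here; forward error correction is not shown.

```python
import hashlib
import hmac
import secrets

CHUNK_SIZE = 16  # bytes; tiny so the constructed sample spans several chunks


def tag_chunk(key: bytes, file_id: bytes, index: int, chunk: bytes) -> bytes:
    """HMAC-SHA256 over file id, chunk index and chunk bytes.

    Binding the index is an added assumption: it stops the server from
    answering a request for chunk i with a different, validly tagged chunk.
    """
    header = len(file_id).to_bytes(2, "big") + file_id + index.to_bytes(8, "big")
    return hmac.new(key, header + chunk, hashlib.sha256).digest()


def prepare_upload(key: bytes, file_id: bytes, data: bytes) -> list:
    """Client side: split data and return the (chunk, MAC) pairs the server stores."""
    chunks = [data[i:i + CHUNK_SIZE] for i in range(0, len(data), CHUNK_SIZE)]
    return [(c, tag_chunk(key, file_id, i, c)) for i, c in enumerate(chunks)]


def audit(key: bytes, file_id: bytes, stored: list, sample_size: int) -> list:
    """Client side: fetch random chunk indices and return those that fail."""
    rng = secrets.SystemRandom()
    picked = rng.sample(range(len(stored)), min(sample_size, len(stored)))
    bad = []
    for i in picked:
        chunk, tag = stored[i]
        if not hmac.compare_digest(tag, tag_chunk(key, file_id, i, chunk)):
            bad.append(i)
    return sorted(bad)


def demo() -> dict:
    key = secrets.token_bytes(32)  # stays with the client, never uploaded
    data = b"constructed sample payload held by an untrusted store" * 2
    stored = prepare_upload(key, b"file-1", data)
    n = len(stored)
    tampered = list(stored)
    tampered[2] = (b"X" + stored[2][0][1:], stored[2][1])  # modified chunk, old MAC
    swapped = list(stored)
    swapped[0], swapped[1] = stored[1], stored[0]  # valid pairs, wrong slots
    return {"clean": audit(key, b"file-1", stored, n),
            "tampered": audit(key, b"file-1", tampered, n),
            "swapped": audit(key, b"file-1", swapped, n)}
```

With `sample_size` smaller than the number of chunks the audit becomes a probabilistic spot check, trading detection certainty for bandwidth.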
risk at all levels (SaaS, PaaS, and IaaS)
Secure deletion
encrypt the data in the cloud
data deletion = key destruction
Security in Cloud
CSA (Cloud Service Alliance)