Cloud Platform Benefits, Security Issues, And Private Cloud Infrastructure

1. a) Migration to the cloud platform would be a beneficial factor for the services of the bank. The services of the cloud would provide efficiency and would reduce several costs. The technology of cloud computing would be able to scale the capacity of processing for reacting to the demand of the customers. The benefits that would be provided by the cloud platform for the banking sector are:
2. They would be able to cut the costs that would be related to the manpower sector, software and hardware.
3. The cloud platform would be able to respond to the changing situations of the market, technological trends and customer demands.
4. The banks would be able to increase the power of computer by fetching their data from the cloud based infrastructure.

Types of Cloud Services

Based on the many benefits that would be provided by the cloud platform, it would be highly recommended to the project manager in order to implement the cloud infrastructure within the bank services (Avram, 2014).

1. b) The main points of difference between a private cloud and a public cloud are:

Private Cloud: In this kind of cloud based infrastructure, the cloud infrastructure would be hosted on the data center of the service provider. This would be helpful in offering extreme levels of security and control. As the components of this kind of infrastructure of the cloud would be entirely dedicated towards the business, hence they would be able to customize the process of computing, networking and storage (Goyal, 2014).

Public Cloud: In this cloud, the cloud based infrastructure has been shared by several businesses and they are especially possessed and are being operated by the provider of the cloud service. Hence, this kind of cloud service would offer fast provisioning of services. As users would be able to measure their resources in order to meet the demands, hence this kind of cloud service is an option of low-cost for the deployment of various applications (Wang et al., 2013).

1. a)The methods to implement the private cloud based infrastructure are:
2. A proper planning should be made as to what the private cloud would be able to provide within the estimated budget. A strategy should also be maintained in order to understand the type of applications that would be moved to the private cloud.
3. Professional private vendors of cloud services would be able to implement the services or they could even hire a consultant in order to help the private cloud vendor. The implementation process of the private cloud could be difficult and expensive.
4. The stages of the implementation of the cloud services should be properly known. The experts should firstly start with virtualization of the server and then follow the process of the virtualization of the storage and then they would get management tools based on virtualization.
5. The employees who would be working on the cloud environment should be provided with proper training. They should be made to involve with the process of implementation with the private cloud.
6. New software have to be purchased in order to track the performance and the flow of traffic within the virtualized environment. The traditional of monitoring are not efficient for the process of monitoring of the flow of traffic within the virtualized networks that would be shaped by the hypervisor. New tools of hardware would need to be purchased as the old tools would not be able to support the process.
7. The private environments of cloud computing involves two groups. The staff of IT operations and the users of the business who would wish to run their applications. The business application users are provided an opportunity by the private cloud in order to provide a server and then run an application on the cloud platform (Kaleem, Donko & Boskovic, 2013).
8. b) The process in which Microsoft System Center would be able to monitor and operate the private cloud are described as follows:
9. The private cloud infrastructure should be introduced to the new users.
10. The new units of the business should be configured and then optimized with the business units of the clouds.
11. After proper configuration, the cloud services should be deployed.
12. The monitoring of the private cloud services should be performed in an efficient way.
13. The performance of the application should be monitored and then configured.
14. After the performance of the application is configured, then the management of the extension of the services should be done on the private cloud.
15. The automatic creation of the incidents, the process of remediation and the requests for change should be done.
16. The management of the problems should be performed in the cloud platform.
17. The provisioning of the services should be done in an automatic way.
18. The protection of the private cloud and the recovery procedures should be implemented (Aceto et al., 2013).

1. a) The various types of health checks and performance monitors that are primarily available within the System Center are:
2. Unit Monitors: These kinds of monitors are able to measure some of the aspect related to an application, which includes check on the performance counter for determining the application performance.
3. Dependency Monitors: These are able to provide rollup of health among different classes.
4. Aggregate Monitors: These monitors would be helpful in providing a combined state of the health for similar kind of monitors. These kind of monitors would also provide a different state of health for several different categories of the class (Jamshidi, Ahmad & Pahl, 2014).

Some of the security issues are-

Data loss-Data can be lost as a result of malicious attack or the crashing of the server.

Hijacking of service-In case, if the account is hijacked, the usernames and passwords of the users are stolen.

Malicious Insiders: The misconduct of workers of internal organization can cause security threat for the stored data (Hashizume et al., 2013).

Different types of control in the cloud security architecture:

Deterrent Control

Preventive Control

Detective Control

Corrective Control (Modi et al., 2013)

Different requirements to limit data security:

Control in access: Access of the system is permitted to the authorized users.

Firewall: Implementation of firewall helps to eliminate the unauthorized traffics in the network.

Encryption: The encryption implemented in accessing cloud secured the cloud data from the access of the unauthorized users.

Protection of the wireless network: The protection in the wireless network ensures the transmission of data from cloud to clients in a secured way.

Criteria for the selection of the cloud:

The selection of cloud in context of security issues-

Data governance and security

Degree of security needed in the organization

Service dependencies and vendor support

Reliability and disaster recovery

Migration Support

Main strategy for creating System Center Virtual Machine Manager for creating and managing private cloud:

A system center virtual machine manager provides self-service portals for using cloud. Admin users can login into system service virtual machine manager to use the private cloud through console. One of the system service virtual machine is App Controller which allows users to use virtual machine and service templates through it.

Security Issues

Features of Virtual Machine Manager and its role in private cloud:

Some of the features are-

Physical to virtual conversion

Resource management and optimization in centralized way.

Virtual Machine migration and rapid deployment

Windows Powershell

Takes advantage of SAN network

Provides centralized reporting and monitoring

Centralized library (Moreno et al., 2013)

1. i) Virtual Machine Properties in VMM and available hardware options:

‘The Efficiency Property’:  It states that the virtual machine manager will run instructions directly in the CPU and not intervene where it is unnecessary (Beloglazov, 2013).

‘Equivalence Requirement Property’:  The virtual machine manager has to run indistinguishably from the physical machine in the same situation. However, there should be difference in compilation time and availability of resources.

‘Resource Control Property’:  Virtual Machine Manager needs to get full control over the resources and it should be maintained that no user can manipulate the data without the authorization of virtual machine manager (wook Baek, Srivastava & Van der Merwe, 2014).

1. ii) General setting of Virtual Machine Manager:

General setting includes the following

‘Customer Experience Improvement Program Setting’

‘Database Connection’

‘Library Setting’

‘Placement Setting’

‘PRO Setting’

‘Remote Control’

‘Self-service administrative e-mail address’ (Westphal et al., 2014)

Assessment of the existing system is needed to be done in order to understand the requirements and hosting environments.

Assessment of the physical infrastructure needed for the implementation of private cloud.

Virtualization level is created using VMware (Guthrie, Lowe & Coleman, 2013).

Over infra layer virtualization tools are built

Integration of asset management and virtualization management is done.

Virtualization management tool is built over infra layer.

The building of service catalogs and ITFM are built.

Different aspects of multitenancy and expectations of clients:

Aspects:

Internal- Company considers its different departments as different tenants. This requires a logical isolations of different tenants while sharing the same physical infrastructure.

External- In case of environment of service provider, different companies is different tenants. Different tenants have different requirements (Espadas et al., 2013).

Expectations of client:

The dedicated cloud service (Varadarajan et al., 2015).

Security and isolation

Standard regulations and services

Service is manageable and scalable (Velkoski et al., 2013)

Cost efficient

References

Aceto, G., Botta, A., De Donato, W., & Pescapè, A. (2013). Cloud monitoring: A survey. Computer Networks, 57(9), 2093-2115.

Avram, M. G. (2014). Advantages and challenges of adopting cloud computing from an enterprise perspective. Procedia Technology, 12, 529-534.

Beloglazov, A. (2013). Energy-efficient management of virtual machines in data centers for cloud computing(Doctoral dissertation).

Espadas, J., Molina, A., Jiménez, G., Molina, M., Ramírez, R., & Concha, D. (2013). A tenant-based resource allocation model for scaling Software-as-a-Service applications over cloud computing infrastructures. Future Generation Computer Systems, 29(1), 273-286.

Goyal, S. (2014). Public vs private vs hybrid vs community-cloud computing: A critical review. International Journal of Computer Network and Information Security, 6(3), 20.

Guthrie, F., Lowe, S., & Coleman, K. (2013). VMware vSphere design. John Wiley & Sons.

Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of internet services and applications, 4(1), 5.

Jamshidi, P., Ahmad, A., & Pahl, C. (2014, June). Autonomic resource provisioning for cloud-based software. In Proceedings of the 9th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (pp. 95-104). ACM.

Kalem, S., Donko, D., & Boskovic, D. (2013, May). Agile methods for cloud computing. In Information & Communication Technology Electronics & Microelectronics (MIPRO), 2013 36th International Convention on (pp. 1079-1083). IEEE.

Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey on security issues and solutions at different layers of Cloud computing. The journal of supercomputing, 63(2), 561-592.

Moreno, I. S., Yang, R., Xu, J., & Wo, T. (2013, March). Improved energy-efficiency in cloud datacenters with interference-aware virtual machine placement. In Autonomous Decentralized Systems (ISADS), 2013 IEEE Eleventh International Symposium on (pp. 1-8). IEEE.

Varadarajan, V., Zhang, Y., Ristenpart, T., & Swift, M. M. (2015, August). A Placement Vulnerability Study in Multi-Tenant Public Clouds. In USENIX Security Symposium (pp. 913-928).

Velkoski, G., Simjanoska, M., Ristov, S., & Gusev, M. (2013, July). CPU utilization in a multitenant cloud. In EUROCON, 2013 IEEE (pp. 242-249). IEEE.

Wang, C., Chow, S. S., Wang, Q., Ren, K., & Lou, W. (2013). Privacy-preserving public auditing for secure cloud storage. IEEE transactions on computers, 62(2), 362-375.

Westphal, F., Axelsson, S., Neuhaus, C., & Polze, A. (2014). VMI-PL: A monitoring language for virtual platforms using virtual machine introspection. Digital Investigation, 11, S85-S94.

wook Baek, H., Srivastava, A., & Van der Merwe, J. (2014, March). Cloudvmi: Virtual machine introspection as a cloud service. In Cloud Engineering (IC2E), 2014 IEEE International Conference on (pp. 153-158). IEEE.