CSE-468 · Units 1, 2 & 3 · Prof. Saurav Tripathi · Exam Preparation
Cloud computing is a term with many authoritative definitions. Know all of them — exams ask you to compare.
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
Cloud Computing refers to both the applications delivered as services over the Internet and the hardware and systems software in the datacenters that provide those services. When a Cloud is made available in a pay-as-you-go manner to the public, the service being sold is called Utility Computing.
A Cloud is a type of parallel and distributed system consisting of a collection of interconnected and virtualized computers that are dynamically provisioned and presented as one or more unified computing resources based on service-level agreements (SLAs) established through negotiation between the service provider and consumers.
Cloud computing is Internet-based computing, whereby shared resources, software, and information are provided to computers and other devices on demand, like the electricity grid.
Cloud Computing is a service model that provides on-demand services to the user with minimal management efforts, regulated by Quality of Service (QoS) and Service Level Agreement (SLA). It is well known for the Pay-as-you-go model (renting rather than owning).
| Aspect | Distributed Computing | Cloud Computing |
|---|---|---|
| Goal | Distribute a single task across multiple computers | Provide on-demand computing services over internet |
| Focus | Speed & coordination between machines | Delivering hosted services to users |
| Model | Task-centric | Service-centric (Pay-per-use) |
| Resources | Hardware, software resources shared | Hardware, software, networking via internet |
This is the cornerstone of cloud computing theory. Always remember:
A consumer can unilaterally provision computing resources — such as server time, network storage, and applications — as needed, automatically without human interaction from the cloud provider. Once configured, usage can be automated, requiring no further human involvement.
Computing resources are available over the network and can be accessed using heterogeneous client platforms — mobiles, laptops, desktops, PDAs, tablets. Establishing ubiquitous access may require support for a range of devices, transport protocols, interfaces, and security technologies.
The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model. Different physical and virtual resources are dynamically assigned and reassigned according to consumer demand. The customer usually has no knowledge of the exact physical location of the provided resources (location transparency), though at a higher level of abstraction, the region can be specified.
Resources can be elastically provisioned and released (automatically or manually) to scale rapidly outward and inward according to demand. To the consumer, available resources often appear to be unlimited and can be purchased in any quantity at any time.
Cloud systems automatically control and optimize resource use by leveraging a metering capability. Resource usage can be monitored, controlled, and reported, providing transparency for both provider and consumer. Users pay only for what they actually use (pay-as-you-go). Measured usage is not limited to billing — it also encompasses general monitoring and usage reporting.
Deployed for the exclusive use of a single organization. The organization may own and manage it, assign it to a third party, or both. Infrastructure can be on-premise or off-premise. Also called internal cloud. Limits access to service consumers belonging to the same organization.
Infrastructure is made available to the general public. Owned by an organization selling cloud services, a government organization, or both. Typically deployed at the cloud vendor's premises. Also called external cloud or multitenant cloud.
Infrastructure is shared by multiple organizations that form a community with shared concerns (mission, security requirements, policy, compliance). Owned, managed, and operated by the organizations or a third party. Can be on-premise or off-premise.
Infrastructure is a composition of two or more distinct cloud models (private, public, or community) that remain unique entities but are bound together by standardized or proprietary technology enabling data and application portability (e.g., cloud bursting for load-balancing between clouds).
The provider offers use of applications running on cloud infrastructure accessible via web browser (thin client). The consumer does NOT manage or control the underlying cloud infrastructure — not the network, servers, OS, storage, or individual application capabilities (except possibly limited user-specific settings).
What provider manages: Everything — servers, storage, networks, virtualization, OS, runtime, software, maintenance, updates.
Examples: Google Apps (Gmail, Google Docs), Salesforce.com, Microsoft OneDrive, Dropbox, Slack, EyeOS.
Provider gives consumers a runtime environment / development platform to deploy consumer-created or acquired applications (using programming languages and tools supported by the provider). The consumer does NOT manage or control the underlying cloud infrastructure (network, servers, OS, storage) but has control over deployed applications and possibly application hosting environment configurations.
What provider manages: Infrastructure, OS, runtime, middleware.
Examples: Google App Engine, Microsoft Windows Azure, Heroku, Hadoop.
Provider offers processing, storage, networks, and other fundamental computing resources where the consumer can deploy and run arbitrary software (including OS and applications) via virtualization. The consumer does NOT manage the underlying cloud infrastructure but has control over OS, storage, deployed applications, and possibly limited networking components.
What provider manages: Physical hardware, network, storage hardware, virtualization.
Examples: Amazon EC2, Amazon Web Services (AWS), Google Compute Engine, Rackspace, Eucalyptus, OpenStack.
Also known as Anything-as-a-Service, XaaS provides flexibility for users and companies to customize computing environments on demand. XaaS is evolving from technology-as-a-service to business-as-a-service.
A data management strategy that uses the cloud to deliver data storage, integration, processing, and/or analytics services via a network connection. Similar to SaaS, DaaS removes the need to install and manage data infrastructure locally — it outsources data storage, integration, and processing operations to the cloud. Used in data integration, business intelligence, and cloud computing.
| Year | Milestone |
|---|---|
| 1961 | John McCarthy proposed computing as a public utility: "Computing may someday be organized as a public utility just as the telephone system." |
| 1969 | Leonard Kleinrock (ARPANET chief scientist) spoke of "computer utilities" spreading via networks. |
| Mid-1990s | Public Internet-based services: search engines (Yahoo!, Google), email (Hotmail, Gmail) |
| Late 1990s | Salesforce.com pioneered remotely provisioned services for the enterprise. |
| 2002 | Amazon launched Amazon Web Services (AWS) — storage, computing, and business functionality. |
| 2006 | The term "cloud computing" emerged. Amazon launched Elastic Compute Cloud (EC2). Google Apps started providing browser-based enterprise apps. |
| 2008–2009 | Google App Engine launched. Microsoft Azure launched. |
A cluster is a group of independent IT resources interconnected to work as a single system (usually via LAN). Key features: redundancy, failover, high-speed communication links between nodes, reduced failure rates, increased availability. The concept of built-in redundancy and failover is core to cloud platforms.
A computing grid provides a platform where computing resources are organized into one or more logical pools, collectively coordinated to provide a high-performance distributed grid — sometimes called a "super virtual computer."
Grid computing differs from clustering: grid systems are much more loosely coupled and distributed. Grid is based on a middleware layer deployed on computing resources that implements workload distribution, load balancing, failover controls, and autonomic configuration management.
A distinct IT environment designed for the purpose of remotely provisioning scalable and measured IT resources. The term originated as a metaphor for the Internet. A cloud is typically privately owned and offers metered access to IT resources.
A physical or virtual IT-related artifact — either software-based (virtual server, custom software) or hardware-based (physical server, network device).
An IT resource hosted in a conventional IT enterprise within an organizational boundary that does NOT specifically represent a cloud. An on-premise IT resource cannot be cloud-based and vice versa. However: on-premise resources can interact with cloud-based resources; on-premise resources can be migrated to the cloud.
Any IT resource made remotely accessible via a cloud. The driving motivation is to provide IT resources as services that encapsulate other IT resources while offering functions for clients to use remotely. Most cloud services are labeled with the "as-a-service" suffix.
A strategy that manages server resources by activating only what is needed, aiming to reduce power consumption by adjusting resource availability based on demand.
Traditional problems: (1) Under-provision → loss of users/revenue because demand exceeds capacity. (2) Over-provision → wasted resources because capacity far exceeds demand.
Cloud solution: Dynamically provision resources to track demand — meet seasonal variations, burst demand for extraordinary events, and variations between industries.
How to achieve: Fault-tolerant systems, system resilience, reliable system security.
The property that enables a system to continue operating properly in the event of failure of some of its components. Four basic characteristics:
The ability to provide and maintain an acceptable level of service in the face of faults. A resilient system returns to its original state after encountering trouble as quickly as possible.
Disaster Recovery strategies: Data backup (off-site at regular intervals), data replication, system replication, local mirror systems, UPS (Uninterruptible Power Supply), surge protectors.
Develops computer systems capable of self-management. Four functional areas:
A technique to distribute workload evenly across two or more computers, network links, CPUs, hard drives, or other resources to: optimize resource utilization, maximize throughput, minimize response time, and avoid overload.
Benefits: Improved resource utilization, improved system performance, improved energy efficiency.
A software application that manages unattended background executions (batch processing). In cloud: manages computation-intensive tasks, dynamically growing/shrinking tasks, and tasks with complex processing dependencies. Approaches: pre-defined workflow, system automatic configuration.
| Challenge | What it means | How to prevent/minimize |
|---|---|---|
| Data Security & Privacy | Users can't see where data is processed/stored; risks: data theft, leakage, breaches, account hijacking, hacked APIs. 64% of companies cite this as biggest challenge. | Ensure CSP has secure identity authentication, access controls, encryption. Ask about their security capabilities. |
| Compliance Risks | Must comply with HIPAA, GDPR, etc. when data moves to cloud. 44% say compliance is a major challenge. | Choose vendors that are certified compliant with applicable standards. |
| Reduced Visibility & Control | No access to security tools on cloud platform; can't implement incident response; can't identify abnormal patterns easily. | Before migrating, clarify what data can be accessed and what security controls the provider uses. Continuous monitoring. |
| Cloud Migration | Moving legacy systems to cloud is time-consuming; challenges: troubleshooting, downtime, security, complexity, expenses. | Analyze requirements before choosing CSP; compare providers; minimize business disruption. |
| Incompatibility | Cloud services may be incompatible with on-premises infrastructure. | List all technologies and check compatibility with CSP before finalizing. |
| Improper Access Controls | Weak passwords, inactive users, mismanaged credentials lead to unauthorized access. | Central governing authority for user accounts; use IAM (Identity and Access Management) solutions; MFA. |
| Lack of Expertise | Cloud skills are expensive; staff may be unfamiliar with cloud technologies. | Use technologies with low learning curves; in-house training; hire/train senior cloud professionals. |
| Downtime | Poor internet connectivity causes service disruption, lags, missed deadlines, reduced productivity. | Ensure consistent, high-speed internet connectivity. |
| Insecure APIs | External APIs provide entry points for attackers; cause broken authentication, data exposure. | Design APIs with robust access control, encryption, authentication; run penetration testing; use TLS/SSL; MFA. |
| Cost Management | Under-optimized resources, unused instances, performance spikes raise costs beyond pay-as-you-go savings. | Monitor usage; turn off unused instances; right-size resources. |
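The "Improper Access Controls" row above names inactive users, mismanaged credentials and MFA. The following added example (not part of the original notes) audits an account inventory for those conditions; the record fields, the constructed sample accounts and the 90-day thresholds are all assumptions.

```python
from datetime import date

INACTIVE_DAYS = 90     # assumed threshold for "inactive user"
MAX_KEY_AGE_DAYS = 90  # assumed maximum age for an access key

# Constructed sample inventory, as a central IAM export might look.
ACCOUNTS = [
    {"user": "alice", "console_access": True, "mfa": True,
     "last_login": date(2024, 5, 28), "key_created": date(2024, 4, 15)},
    {"user": "bob", "console_access": True, "mfa": False,
     "last_login": date(2023, 11, 2), "key_created": None},
    {"user": "svc-backup", "console_access": False, "mfa": False,
     "last_login": date(2024, 5, 30), "key_created": date(2023, 1, 10)},
    {"user": "carol", "console_access": True, "mfa": False,
     "last_login": date(2024, 5, 20), "key_created": None},
]

def audit_accounts(accounts, today):
    """Return {user: [findings]} for accounts that need attention."""
    findings = {}
    for acct in accounts:
        issues = []
        last = acct["last_login"]
        # Never-used or long-unused accounts are candidates for removal.
        if last is None or (today - last).days > INACTIVE_DAYS:
            issues.append("inactive")
        # MFA only matters for accounts a person can sign in with.
        if acct["console_access"] and not acct["mfa"]:
            issues.append("no_mfa")
        # Long-lived keys are mismanaged credentials: rotate or revoke.
        key = acct["key_created"]
        if key is not None and (today - key).days > MAX_KEY_AGE_DAYS:
            issues.append("stale_key")
        if issues:
            findings[acct["user"]] = issues
    return findings

if __name__ == "__main__":
    for user, issues in audit_accounts(ACCOUNTS, date(2024, 6, 1)).items():
        print(f"{user}: {', '.join(issues)}")
```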
Virtualization is the "creation of a virtual (rather than actual) version of something" — such as a server, desktop, storage device, operating system, or network resources.
More precisely: Virtualization represents a technology platform used for the creation of virtual instances of IT resources. A layer of virtualization software allows physical IT resources to provide multiple virtual images of themselves so that their underlying processing capabilities can be shared by multiple users.
Key facts:
| Level | Description | Systems | Advantage | Limitation |
|---|---|---|---|---|
| ISA Level | Emulates a given ISA (Instruction Set Architecture) by the host machine's ISA | Bochs, Crusoe, QEMU, BIRD, Dynamo | Best application flexibility; can run large amount of legacy binary codes for various processors | Slow — one source instruction may need tens or hundreds of native instructions; requires processor-specific translation layer |
| Hardware Abstraction Level | Virtualization performed right on top of hardware; generates virtual hardware environments for VMs | VMware, Virtual PC, Denali, Xen | Higher performance; good application isolation | Very expensive to implement (complexity) |
| OS Level | Abstraction layer between OS and user applications; creates isolated containers on a single physical server | Jail, Virtual Environment, Ensim's VPS, FVM | Minimal startup/shutdown cost; low resource requirement; high scalability; easy to synchronize | All VMs must have the same kind of guest OS; poor application flexibility and isolation |
| Library Support Level | Creates execution environments for running alien programs via API call interception and remapping | Wine, WABI, LxRun, Visual MainWin | Very low implementation effort | Poor application flexibility and isolation |
| User-Application Level | Virtualizes an application as a VM — sits as an application on top of OS, exports abstraction of a VM | JVM, .NET CLI, Panot | Best application isolation | Low performance; low application flexibility; high implementation complexity |
A hypervisor is a hardware virtualization technique allowing multiple operating systems (guests) to run on a host machine. Also called Virtual Machine Monitor (VMM).
Modern OS and processors support multiple processes running simultaneously. Processors have at least two modes:
Three categories of critical instructions:
A CPU architecture is virtualizable if it supports running the VM's privileged and unprivileged instructions in the CPU's user mode while the VMM runs in supervisor mode.
RISC CPU architectures can be naturally virtualized. x86 architectures are NOT primarily designed for virtualization (10 sensitive instructions are not privileged).
Hardware-Assisted CPU Virtualization (Intel VT/AMD-V): Intel and AMD add an additional mode called privilege mode level (Ring -1) to x86 processors, so OSes still run at Ring 0 and the hypervisor runs at Ring -1. All privileged and sensitive instructions are automatically trapped in the hypervisor — removing the need for binary translation in full virtualization.
Similar to virtual memory supported by modern OS. Modern x86 CPUs include a Memory Management Unit (MMU) and a Translation Lookaside Buffer (TLB) to optimize virtual memory performance.
Two-stage mapping:
Each page table of the guest OS has a corresponding shadow page table in the VMM. VMware uses shadow page tables to perform virtual-memory-to-machine-memory translation. Intel's Extended Page Table (EPT) hardware performs this in hardware, avoiding performance overhead.
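The two-stage mapping and the shadow page table described above, as an added example that is not part of the original notes: a guest page table maps guest-virtual pages to guest-physical pages, the VMM maps guest-physical pages to machine frames, and the shadow table is the composition of the two. `ToyVMM`, the VM names and all page numbers are hypothetical, constructed values.

```python
PAGE_SIZE = 4096  # 4 KiB pages

class ToyVMM:
    """Hypothetical VMM holding the second-stage map for each VM."""

    def __init__(self):
        self.p2m = {}    # vm_id -> {guest-physical page: machine frame}
        self.owner = {}  # machine frame -> vm_id that owns it

    def assign_frame(self, vm_id, gpp, frame):
        # Isolation invariant: one machine frame backs at most one VM.
        if self.owner.get(frame, vm_id) != vm_id:
            raise PermissionError(f"frame {frame:#x} belongs to another VM")
        self.owner[frame] = vm_id
        self.p2m.setdefault(vm_id, {})[gpp] = frame

    def build_shadow(self, vm_id, guest_pt):
        """Compose stage 1 (guest_pt) with stage 2 (p2m) into one table.
        Guest entries pointing at unbacked guest-physical pages are left
        out, so the guest cannot name machine memory it was never given."""
        p2m = self.p2m.get(vm_id, {})
        return {vpn: p2m[gpp] for vpn, gpp in guest_pt.items() if gpp in p2m}

def translate_two_stage(vmm, vm_id, guest_pt, gva):
    """Walk both stages: guest virtual -> guest physical -> machine."""
    vpn, offset = divmod(gva, PAGE_SIZE)
    if vpn not in guest_pt:
        raise LookupError("guest page fault (stage 1)")
    frame = vmm.p2m.get(vm_id, {}).get(guest_pt[vpn])
    if frame is None:
        raise LookupError("VMM fault (stage 2): page not backed")
    return frame * PAGE_SIZE + offset

def translate_shadow(shadow, gva):
    """Single lookup through the precomputed shadow page table."""
    vpn, offset = divmod(gva, PAGE_SIZE)
    if vpn not in shadow:
        raise LookupError("shadow page fault")
    return shadow[vpn] * PAGE_SIZE + offset

def demo():
    vmm = ToyVMM()
    vmm.assign_frame("vm-a", 0x2, 0x500)
    vmm.assign_frame("vm-a", 0x3, 0x501)
    vmm.assign_frame("vm-b", 0x2, 0x700)  # same guest-physical page, other VM
    # Constructed guest page table; page 0x12 points at an unbacked page.
    guest_pt_a = {0x10: 0x2, 0x11: 0x3, 0x12: 0x99}
    shadow_a = vmm.build_shadow("vm-a", guest_pt_a)
    return vmm, guest_pt_a, shadow_a

if __name__ == "__main__":
    vmm, pt, shadow = demo()
    print(hex(translate_two_stage(vmm, "vm-a", pt, 0x10123)))
    print(hex(translate_shadow(shadow, 0x10123)))
```

Both VMs use guest-physical page 0x2, yet each resolves to its own machine frame, and the VMM refuses to hand a frame to a second VM.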
Involves managing the routing of I/O requests between virtual devices and shared physical hardware. Three approaches:
Process of retrieving data from various resources without knowing its type and physical location. Collects heterogeneous data from different resources and allows access according to work requirements. Accessible using web portals, web services, SaaS, mobile applications.
Used in: Data integration, business intelligence, cloud computing.
Industries: Communication & Technology (real-time ODS for marketing), Finance (trade reconciliation), Government (environmental protection), Healthcare (patient care), Manufacturing (supply chain optimization).
Advantages: Access data without worrying about location; better security; reduces costs by removing data replication; real-time data access; user-friendly interface.
Disadvantages: Availability issues (maintained by third-party providers); high implementation cost; scalability issues.
Accomplished by abstracting the physical hardware layer using a hypervisor/VMM installed directly on hardware. Main job: control and monitor processor, memory, and other hardware resources.
Advantages:
Abstracts the software installation procedure and creates virtual software installations. Virtualized software is an application installed into its own self-contained unit. Examples: VMware, VirtualBox.
Advantages:
1. Live / Hot Migration (VM is powered ON):
Process of moving a running VM from one physical host to another without disrupting normal operations or causing downtime. Memory, storage, and network connectivity are transferred from the original host to the destination. The end-user experiences no service interruption.
Requirements for Live Migration (Hyper-V):
2. Regular / Cold Migration (VM is powered OFF):
VM is shut down before moving. Simpler but causes downtime.
Virtual cluster nodes can be either physical or virtual machines. Multiple VMs running different OSes can be deployed on the same physical node.
Purpose: Consolidate multiple functionalities on the same server → greatly enhance server utilization and application flexibility.
Key characteristics:
Virtual Cores vs Physical Cores:
| Physical Cores | Virtual Cores |
|---|---|
| Actual physical cores in the processor | More virtual cores can be visible to a single OS than physical cores |
| More burden on software to write directly executable apps | Design of software becomes easier as hardware assists dynamic resource utilization |
| Hardware provides no assistance to software → simpler hardware | Hardware provides assistance → more complex hardware |
| Poor resource management | Better resource management |
| Lowest level of system software must be modified | Lowest level of system software need NOT be modified |
Eucalyptus (Elastic Utility Computing Architecture) is paid and open-source software for building AWS-compatible private and hybrid cloud environments. Originally developed by Eucalyptus Systems.
The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications.
The consumer does NOT manage or control the underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (e.g., firewalls).
Virtualization is the key enabling technique for IaaS. It is an abstraction of logical resources away from underlying physical resources.
IaaS uses: Server Virtualization + Storage Virtualization + Network Virtualization
IaaS is the deployment platform that abstracts the infrastructure. Enabling technique: Virtualization. Consumer controls: OS, storage, deployed apps, possibly networking. Provider controls: physical hardware, virtualization, network, storage hardware.
The capability provided is to deploy onto cloud infrastructure consumer-created or acquired applications using programming languages and tools supported by the provider.
The consumer does NOT manage the underlying infrastructure (network, servers, OS, storage) but has control over deployed applications and possibly application hosting environment configurations.
A runtime environment refers to a collection of software services available — usually implemented as a collection of program libraries. Common properties in runtime environment:
1. Programming IDE:
2. System Control Interface:
PaaS is the development platform that abstracts infrastructure, OS, and middleware to drive developer productivity. Enabling technique: Runtime Environment. Services: Programming IDE, Programming APIs, Development Tools, System Control Interface (policy-based + workflow-based).
The capability provided is for the consumer to use the provider's applications running on cloud infrastructure, accessible from various client devices through a thin client interface such as a web browser.
The consumer does NOT manage or control the underlying infrastructure (network, servers, OS, storage) or even individual application capabilities — only limited user-specific application configuration settings.
Web 2.0 is the trend of using the full potential of the web:
Web Portal:
Web-based Application Categories:
SaaS = finished applications that you rent and customize. Enabling technique: Web Service. Services: Web-based Applications (general, business, scientific, government) + Web Portal.
Cloud infrastructure made available to the general public or large industry group. Also known as external cloud or multitenant cloud.
Basic characteristics: Homogeneous infrastructure, common policies, shared resources, multi-tenant, leased/rented infrastructure, economies of scale.
Advantages:
Disadvantages:
Cloud infrastructure operated solely for one organization. May be managed by the organization or a third party; on-premise or off-premise. Also called internal cloud or on-premise cloud.
Basic characteristics: Heterogeneous infrastructure, customized and tailored policies, dedicated resources, in-house infrastructure, end-to-end control.
Advantages:
Disadvantages:
Composition of two or more clouds (private or public) that remain unique entities but are bound together by standardized or proprietary technology enabling data and application portability.
Usage pattern: Non-critical activities → public cloud; Critical activities → private cloud (or vice versa). Cloud bursting is used for load-balancing between clouds.
Advantages:
Disadvantages:
Cloud infrastructure shared by several organizations that have shared concerns (mission, security requirements, policy, compliance). May be managed by the organizations, a third party, or both.
Advantages:
| Feature | Public | Private | Community | Hybrid |
|---|---|---|---|---|
| Access | Anyone | One org only | Specific community | Mixed |
| Cost | Low (pay-per-use) | High (own infra) | Shared | Moderate |
| Security | Lower | Highest | High | Good |
| Scalability | Highest | Limited | Limited | High |
| Control | Least | Full | Shared | Partial |
| Maintenance | Provider | In-house | Shared | Both |
| Example | AWS, Azure | Corp datacenters | Gov agencies | Netflix |
Multi-Cloud refers to the distributed, heterogeneous world of applications and users across public clouds, data centers, and edge.
In this model, organizations use a combination of on-premises, private cloud, public cloud, and edge to build, operate, access, and secure their applications consistently across clouds.
Key benefits:
Start with the NIST definition (most important). Then explain the 5-4-3 model. Write all 5 characteristics with 3–4 lines each. Mention examples where possible. Always mention the Pay-as-you-go model.
Draw the layered diagram (IaaS → PaaS → SaaS). For each model: define it, state what the consumer controls, what the provider controls, and give examples. Use the house analogy if needed.
Use a 5-column comparison table. Key points: Guest OS modification, Binary Translation, Hypercalls, Performance, Examples.
Cloud Computing Notes · CSE-468 · Units 1–3 · Saurav Tripathi · SRM University AP