Cloud

Computing
Implementation,
Management,
and Security

John W. Rittinghouse
James F. Ransome

(röC) CRC Press

W / Taylor &. Francis Group
Boca Raton London New York

CRC Press is an imprint of the

Taylor & Francis Group, an informa business
Contents

Foreword xiii

Preface xix

Introduction xxv
What Is the Cloud? xxvi
The Emergence of Cloud Computing xxvi
The Global Nature of the Cloud xxvii
Cloud-Based Service Offerings xxviii
Grid Computing or Cloud Computing? xxxi
Is the Cloud Model Reliable? xxxi
Benefits of Using a Cloud Model xxxii
What About Legal Issues When Using
Cloud Models? xxxii
What Are the Key Characteristics of
Cloud Computing? xxxiv
Challenges for the Cloud xxxvi

Chapter 1 The Evolution of Cloud Computing 1

1.1 Chapter Overview 1
1.2 Hardware Evolution 2
1.2.1 First-Generation Computers 3
1.2.2 Second-Generation Computers 4
1.2.3 Third-Generation Computers 5
1.2.4 Fourth-Generation Computers 6
1.3 Internet Software Evolution 7
1.3.1 Establishing a Common Protocol for
the Internet 12
1.3.2 Evolution of Ipv6 13
vi Cloud Computing

1.3.3 Finding a Common Method to

Communicate Using the Internet
Protocol 13
1.3.4 Building a Common Interface to
the Internet 15
1.3.5 The Appearance of Cloud
Formations—From One Computer
to a Grid of Many 20
1.4 Server Virtualization 24
1.4.1 Parallel Processing 25
1.4.2 Vector Processing 26
1.4.3 Symmetric Multiprocessing Systems 26
1.4.4 Massively Parallel Processing Systems 27
1.5 Chapter Summary 28

Chapter 2 Web Services Delivered from the Cloud 29

2.1 Chapter Overview 29
2.2 Communication-as-a-Service (CaaS) 30
2.2.1 Advantages of CaaS 31
2.2.2 Fully Integrated, Enterprise-Class
Unified Communications 32
2.3 Infrastructure-as-a-Service (laaS) 34
2.3.1 Modern On-Demand Computing 36
2.3.2 Amazon's Elastic Cloud 37
2.3.3 Amazon EC2 Service Characteristics 38
2.3.4 Mosso (Rackspace) 42
2.4 Monitoring-as-a-Service (MaaS) 44
2.4.1 Protection Against Internal and
External Threats 45
2.4.2 Delivering Business Value 47
2.4.3 Real-Time Log Monitoring
Enables Compliance 48
2.5 Platform-as-a-Service (PaaS) 48
2.5.1 The Traditional On-Premises Model 49
2.5.2 The New Cloud Model 49
2.5.3 Key Characteristics of PaaS 49
2.6 Software-as-a-Service (SaaS) 50
2.6.1 SaaS Implementation Issues 51
2.6.2 Key Characteristics of SaaS 52
2.6.3 Benefits of the SaaS Model 53
2.7 Chapter Summary 54
 Contents vii

Chapter 3 Building Cloud Networks 57

3.1 Chapter Overview 57
3.2 The Evolution from the MSP Model to Cloud
Computing and Software-as-a-Service 59
3.2.1 From Single-Purpose Architectures
to Multipurpose Architectures 60
3.2.2 Data Center Virtualization 61
3.3 The Cloud Data Center 62
3.4 Collaboration 62
3.4.1 Why Collaboration? 65
3.5 Service-Oriented Architectures as a Step
Toward Cloud Computing 70
3.6 Basic Approach to a Data Center-Based SOA 72
3.6.1 Planning for Capacity 73
3.6.2 Planning for Availability 73
3.6.3 Planning for SOA Security 74
3.7 The Role of Open Source Software in Data Centers 75
3.8 Where Open Source Software Is Used 77
3.8.1 Web Presence 78
3.8.2 Database Tier 81
3.8.3 Application Tier 83
3.8.4 Systems and Network Management Tier 87
3.9 Chapter Summary 101

Chapter 4 Virtualization Practicum 103

4.1 Chapter Overview 103
4.2 Downloading Sun xVM VirtualBox 104
4.3 Installing Sun xVM VirtualBox 106
4.4 Adding a Guest Operating System to VirtualBox 112
4.5 Downloading FreeDOS as a Guest OS 112
4.6 Downloading the 7-Zip Archive Tool 114
4.7 Adding a Guest OS to Sun xVM VirtualBox 115
4.8 Chapter Summary 127

Chapter 5 Federation, Presence, Identity, and Privacy in

the Cloud 129
5.1 Chapter Overview 129
5.2 Federation in the Cloud 129
5.2.1 Four Levels of Federation 132
viii Cloud Computing

5.2.2 How Encrypted Federation Differs

from Trusted Federation 134
5.2.3 Federated Services and Applications 134
5.2.4 Protecting and Controlling Federated
Communication 135
5.2.5 The Future of Federation 136
5.3 Presence in the Cloud 136
5.3.1 Presence Protocols 137
5.3.2 Leveraging Presence 138
5.3.3 Presence Enabled 139
5.3.4 The Future of Presence 139
5.3.5 The Interrelation of Identity, Presence,
and Location in the Cloud 140
5.3.6 Federated Identity Management 140
5.3.7 Cloud and SaaS Identity Management 141
5.3.8 Federating Identity 143
5.3.9 Claims-Based Solutions 144
5.3.10 Identity-as-a-Service (laaS) 144
5.3.11 Compliance-as-a-Service (CaaS) 145
5.3.12 The Future of Identity in the Cloud 146
5.4 Privacy and Its Relation to Cloud-Based
Information Systems 147
5.4.1 Privacy Risks and the Cloud 149
5.4.2 Protecting Privacy Information 150
5.4.3 The Future of Privacy in the Cloud 151
5.5 Chapter Summary 152

Chapter 6 Security in the Cloud 153

6.1 Chapter Overview 153
6.2 Cloud Security Challenges 158
6.3 Software-as-a-Service Security 1 62
6.3.1 Security Management (People) 164
6.3.2 Security Governance 165
6.3.3 Risk Management 165
6.3.4 Risk Assessment 165
6.3.5 Security Portfolio Management 166
6.3.6 Security Awareness 166
6.3.7 Education and Training 167
6.3.8 Policies, Standards, and Guidelines 167
6.3.9 Secure Software Development
Life Cycle (SecSDLC) 168
 Contents ix

6.3.10 Security Monitoring and Incident

Response 169
6.3.11 Third-Party Risk Management 169
6.3.12 Requests for Information and Sales
Support 169
6.3.13 Business Continuity Plan 170
6.3.14 Forensics 170
6.3.15 Security Architecture Design 172
6.3.16 Vulnerability Assessment 173
6.3.17 Password Assurance Testing 173
6.3.18 Logging for Compliance and Security
Investigations 173
6.3.19 Security Images 173
6.3.20 Data Privacy 174
6.3.21 Data Governance 175
6.3.22 Data Security 175
6.3.23 Application Security 176
6.3.24 Virtual Machine Security 177
6.3.25 Identity Access Management (IAM) 177
6.3.26 Change Management 178
6.3.27 Physical Security 178
6.3.28 Business Continuity and Disaster
Recovery 179
6.3.29 The Business Continuity Plan 180
6.4 Is Security-as-a-Service the New MSSP? 1 81
6.5 Chapter Summary 182

Chapter 7 Common Standards in Cloud Computing 183

7.1 Chapter Overview 183
7.2 The Open Cloud Consortium 183
7.3 The Distributed Management Task Force 185
7.3.1 Open Virtualization Format 186
7.4 Standards for Application Developers 187
7.4.1 Browsers (Ajax) 188
7.4.2 Data (XML, JSON) 189
7.4.3 Solution Stacks (LAMP and LAPP) 1 92
7.5 Standards for Messaging 193
7.5.1 Simple Message Transfer
Protocol (SMTP) 193
7.5.2 Post Office Protocol (POP) 194
x Cloud Computing

7.5.3 Internet Messaging Access

Protocol (IMAP) 194
7.5.4 Syndication (Atom, Atom Publishing
Protocol, and RSS) 1 94
7.5.5 Communications (HTTP, SIMPLE,
and XMPP) 202
7.6 Standards for Security 205
7.6.1 Security (SAML OAuth, OpenID,
SSUTLS) 205
7.7 Chapter Summary 212

Chapter 8 End-User Access to Cloud Computing 213

8.1 Chapter Overview 213
8.2 YouTube 214
8.3 YouTube API Overview 215
8.3.1 Widgets 216
8.3.2 YouTube Player APIs 217
8.3.3 The YouTube Custom Player 218
8.3.4 YouTube Data API 218
8.4 Zimbra 219
8.4.1 Zimbra Collaboration Suite (ZCS) 221
8.5 Facebook 221
8.5.1 Facebook Development 223
8.6 Zoho 223
8.6.1 ZohoCloudSQL 225
8.7 DimDim Collaboration 226
8.8 Chapter Summary 233

Chapter 9 Mobile Internet Devices and the Cloud 235

9.1 Chapter Overview 235
9.2 What Is a Smartphone? 236
9.3 Mobile Operating Systems for Smartphones 237
9.3.1 iPhone 237
9.3.2 Google (Android) 237
9.3.3 Blackberry 241
9.3.4 Windows Mobile 241
9.3.5 Ubuntu Mobile Internet Device (MID) 243
9.4 Mobile Platform Virtualization 251
9.4.1 KVM 253
9.4.2 VMWare 254
9.5 Collaboration Applications for Mobile Platforms 256
 Contents xi

9.6 Future Trends 257

9.7 Chapter Summary 258
9.8 Closing Comments 258

Appendix A Virtualization Practicum (Linux) 261

A.1 Overview 261
A.2 Adding a Linux-Based Guest Operating System
toVirtualBox 262
A.3 Downloading OpenSolaris as a Guest
Operating System 263
A.4 Using the 7-Zip Archive Tool 264
A.5 Adding the OpenSolaris Guest OS to Sun
xVM Virtual Box 265
A.6 Summary 281

Appendix В Executive Scenario for Cloud Migration 285

Index 297