MODULE 1 - Definition of cloud computing and its basics

What Is Cloud Computing?

Cloud computing refers to the use of hosted services, such as data storage, servers, databases,
networking, and software over the internet. The data is stored on physical servers, which are maintained
by a cloud service provider. Computer system resources, especially data storage and computing power,
are available on-demand, without direct management by the user in cloud computing.

Cloud Computing Architecture

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
Instead of storing files on a storage device or hard drive, a user can save them on cloud, making it
possible to access the files from anywhere, as long as they have access to the web. The services hosted
on cloud can be broadly divided into infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS), and
software-as-a-service (SaaS). Based on the deployment model, cloud can also be classified as public,
private, and hybrid cloud.Further, cloud can be divided into two different layers, namely, front-end and
back-end. The layer with which users interact is called the front-end layer. This layer enables a user to
access the data that has been stored in cloud through cloud computing software.The layer made up of
software and hardware, i.e., the computers, servers, central servers, and databases, is the back-end
layer. This layer is the primary component of cloud and is entirely responsible for storing information
securely. To ensure seamless connectivity between devices linked via cloud computing, the central
servers use a software called middlewareOpens a new window that acts as a bridge between the
database and applications.

Cloud Types in Cloud Computing

1. NIST model
NIST Cloud Computing reference architecture defines five major performers:
Cloud Provider
Cloud Carrier
Cloud Broker
Cloud Auditor
Cloud Consumer

Each performer is an object (a person or an organization) that contributes to a transaction or

method and/or performs tasks in Cloud computing. There are five major actors defined in the
NIST cloud computing reference architecture, which are described below:

Cloud Service Providers: A group or object that delivers cloud services to cloud consumers or
end-users. It offers various components of cloud computing. Cloud computing consumers
purchase a growing variety of cloud services from cloud service providers. There are various
categories of cloud-based services mentioned below:
IaaS Providers: In this model, the cloud service providers offer infrastructure components that
would exist in an on-premises data center. These components consist of servers, networking,
and storage as well as the virtualization layer.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
SaaS Providers: In Software as a Service (SaaS), vendors provide a wide sequence of business
technologies, such as Human resources management (HRM) software, customer relationship
management (CRM) software, all of which the SaaS vendor hosts and provides services through
the internet.
PaaS Providers: In Platform as a Service (PaaS), vendors offer cloud infrastructure and services
that can access to perform many functions. In PaaS, services and products are mostly utilized in
software development. PaaS providers offer more services than IaaS providers. PaaS providers
provide operating system and middleware along with application stack, to the underlying
infrastructure.
Cloud Carrier: The mediator who provides offers connectivity and transport of cloud services
within cloud service providers and cloud consumers. It allows access to the services of the cloud
through Internet networks, telecommunication, and other access devices. Network and telecom
carriers or a transport agent can provide distribution. A consistent level of services is provided
when cloud providers set up Service Level Agreements (SLA) with a cloud carrier. In general,
Carrier may be required to offer dedicated and encrypted connections.

Cloud Broker: An organization or a unit that manages the performance, use, and delivery of
cloud services by enhancing specific capability and offers value-added services to cloud
consumers. It combines and integrates various services into one or more new services. They
provide service arbitrage which allows flexibility and opportunistic choices. There are major
three services offered by a cloud broker:
Service Intermediation.
Service Aggregation.
Service Arbitrage.
Cloud Auditor: An entity that can conduct independent assessment of cloud services, security,
performance, and information system operations of the cloud implementations. The services
that are provided by Cloud Service Providers (CSP) can be evaluated by service auditors in terms
of privacy impact, security control, and performance, etc. Cloud Auditor can make an
assessment of the security controls in the information system to determine the extent to which
the controls are implemented correctly, operating as planned and constructing the desired
outcome with respect to meeting the security necessities for the system. There are three major
roles of Cloud Auditor which are mentioned below:
Security Audit.
Privacy Impact Audit.
Performance Audit.
Cloud Consumer: A cloud consumer is the end-user who browses or utilizes the services
provided by Cloud Service Providers (CSP), sets up service contracts with the cloud provider. The
cloud consumer pays per use of the service provisioned. Measured services utilized by the
consumer. In this, a set of organizations having mutual regulatory constraints performs a
security and risk assessment for each use case of Cloud migrations and deployments.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 Cloud consumers use Service-Level Agreement (SLAs) to specify the technical performance
requirements to be fulfilled by a cloud provider. SLAs can cover terms concerning the quality of
service, security, and remedies for performance failures. A cloud provider may also list in the
SLAs a set of limitations or boundaries, and obligations that cloud consumers must accept. In a
mature market environment, a cloud consumer can freely pick a cloud provider with better
pricing and more favorable terms. Typically, a cloud provider’s public pricing policy and SLAs are
non-negotiable, although a cloud consumer who assumes to have substantial usage might be
able to negotiate for better contracts.

2. Cloud Cube Model

The Cloud Cube Model is a powerful tool for IT Managers, organizations, and business leaders,
ensuring a secure and protected cloud network. In the rapidly evolving landscape of cloud
computing, security is paramount. Selecting a suitable cloud formation can have far-reaching
implications, especially concerning data integrity, regulatory compliance, and operational
flexibility.
Types of Dimensions in Cloud Cube
● Internal/External: This dimension clarifies the physical location of data, impacting the cloud’s
boundary and data accessibility.

● Proprietary/Open: It delves into ownership and data sharing, differentiating between

proprietary systems under an organization’s secure control and open technologies with multiple
suppliers.

● Perimeterized/De-Perimeterized: This dimension revolves around the concept of boundaries

in cloud computing. Perimeterized operations maintain traditional boundaries with network
firewalls, while de-perimeterized operations expand cloud boundaries using innovative
techniques.

● Insourced/Outsourced: The insourced dimension represents in-house services, while the

outsourced dimension involves third-party service providers. Collaboration agreements and data
management are pivotal factors here.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 3. Cloud Deployment Model

It works as your virtual computing environment with a choice of deployment model depending
on how much data you want to store and who has access to the Infrastructure.
Types of Deployment Model :

Public Cloud

The name says it all. It is accessible to the public. Public deployment models in the cloud are
perfect for organizations with growing and fluctuating demands. It also makes a great choice
for companies with low-security concerns. Thus, you pay a cloud service provider for
networking services, compute virtualization & storage available on the public internet. It is
also a great delivery model for the teams with development and testing. Its configuration
and deployment are quick and easy, making it an ideal choice for test environments.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
Benefits of Public Cloud :
Minimal Investment - As a pay-per-use service, there is no large upfront cost and is ideal for
businesses who need quick access to resources
No Hardware Setup - The cloud service providers fully fund the entire Infrastructure
No Infrastructure Management - This does not require an in-house team to utilize the public
cloud.
Limitations of Public Cloud
Data Security and Privacy Concerns - Since it is accessible to all, it does not fully protect against
cyber-attacks and could lead to vulnerabilities.
Reliability Issues - Since the same server network is open to a wide range of users, it can lead to
malfunction and outages
Service/License Limitation - While there are many resources you can exchange with tenants,
there is a usage cap.

Private Cloud
Now that you understand what the public cloud could offer you, of course, you are keen to
know what a private cloud can do. Companies that look for cost efficiency and greater control
over data & resources will find the private cloud a more suitable choice.

It means that it will be integrated with your data center and managed by your IT team.
Alternatively, you can also choose to host it externally. The private cloud offers bigger
opportunities that help meet specific organizations' requirements when it comes to
customization. It's also a wise choice for mission-critical processes that may have frequently
changing requirements.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
Benefits of Private Cloud

Data Privacy - It is ideal for storing corporate data where only authorized personnel gets access
Security - Segmentation of resources within the same Infrastructure can help with better access
and higher levels of security.
Supports Legacy Systems - This model supports legacy systems that cannot access the public
cloud.
Limitations of Private Cloud

Higher Cost - With the benefits you get, the investment will also be larger than the public cloud.
Here, you will pay for software, hardware, and resources for staff and training.
Fixed Scalability - The hardware you choose will accordingly help you scale in a certain direction
High Maintenance - Since it is managed in-house, the maintenance costs also increase.

Community Cloud
The community cloud operates in a way that is similar to the public cloud. There's just one
difference - it allows access to only a specific set of users who share common objectives and use
cases. This type of deployment model of cloud computing is managed and hosted internally or
by a third-party vendor. However, you can also choose a combination of all three.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
Benefits of Community Cloud

Smaller Investment - A community cloud is much cheaper than the private & public cloud and
provides great performance
Setup Benefits - The protocols and configuration of a community cloud must align with industry
standards, allowing customers to work much more efficiently.
Limitations of Community Cloud

Shared Resources - Due to restricted bandwidth and storage capacity, community resources
often pose challenges.
Not as Popular - Since this is a recently introduced model, it is not that popular or available
across industries

Hybrid Cloud
As the name suggests, a hybrid cloud is a combination of two or more cloud architectures. While
each model in the hybrid cloud functions differently, it is all part of the same architecture.
Further, as part of this deployment of the cloud computing model, the internal or external
providers can offer resources.

Let's understand the hybrid model better. A company with critical data will prefer storing on a
private cloud, while less sensitive data can be stored on a public cloud. The hybrid cloud is also
frequently used for 'cloud bursting'. It means, supposes an organization runs an application on-
premises, but due to heavy load, it can burst into the public cloud.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
Benefits of Hybrid Cloud
Cost-Effectiveness - The overall cost of a hybrid solution decreases since it majorly uses the
public cloud to store data.
Security - Since data is properly segmented, the chances of data theft from attackers are
significantly reduced.
Flexibility - With higher levels of flexibility, businesses can create custom solutions that fit their
exact requirements

Limitations of Hybrid Cloud

Complexity - It is complex setting up a hybrid cloud since it needs to integrate two or more cloud
architectures
Specific Use Case - This model makes more sense for organizations that have multiple use cases
or need to separate critical and sensitive data

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 Comparison of Private, Community and Hybrid Cloud

Important Factors Public Private Community Hybrid

to Consider

Setup and ease of Easy Requires Requires professional Requires professional IT

use professional IT IT Team Team
Team

Data Security and Low High Very High High

Privacy

Scalability and High High Fixed requirements High

flexibility

Cost-Effectiveness Most Most expensive Cost is distributed Cheaper than private but
affordable among members more expensive than public

Reliability Low High Higher High

Cloud Service Models

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 Infrastructure as a Service (IaaS)
IaaS is also known as Hardware as a Service (HaaS). It is a computing infrastructure managed
over the internet. The main advantage of using IaaS is that it helps users to avoid the cost and
complexity of purchasing and managing the physical servers.

Characteristics of IaaS
There are the following characteristics of IaaS –

o Resources are available as a service

o Services are highly scalable
o Dynamic and flexible
o GUI and API-based access
o Automated administrative tasks

Example: DigitalOcean, Linode, Amazon Web Services (AWS), Microsoft Azure,

Google Compute Engine (GCE), Rackspace, and Cisco Metacloud.

Platform as a Service (PaaS)

PaaS cloud computing platform is created for the programmer to develop, test, run, and manage
the applications.

Characteristics of PaaS
There are the following characteristics of PaaS -

o Accessible to various users via the same development application.

o Integrates with web services and databases.
o Builds on virtualization technology, so resources can easily be scaled up or down as
per the organization's need.
o Support multiple languages and frameworks.
o Provides an ability to "Auto-scale".

Example: AWS Elastic Beanstalk, Windows Azure, Heroku, Force.com, Google App Engine,
Apache Stratos, Magento Commerce Cloud, and OpenShift.

Characteristics of SaaS
There are the following characteristics of SaaS -

o Managed from a central location

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 o Hosted on a remote server
o Accessible over the internet
o Users are not responsible for hardware and software updates. Updates are applied
automatically.
o The services are purchased on the pay-as-per-use basis

Example: BigCommerce, Google Apps, Salesforce, Dropbox, ZenDesk, Cisco WebEx,

ZenDesk, Slack, and GoToMeeting.

Infrastructure as a Service (IaaS)

Infrastructure as a Service (IaaS) is a cloud computing service model that provides virtualized
computing resources over the internet. It offers a scalable, on-demand infrastructure, including
compute, storage, and networking, allowing organizations to run their applications and
workloads without the need for physical hardware.

Overview of IaaS

Definition: IaaS is a form of cloud computing that provides virtualized computing resources
over the internet. IaaS offers essential compute, storage, and networking resources on a pay-as-
you-go basis, allowing organizations to scale their infrastructure dynamically based on demand.

Core Components:

1. Compute: Virtual machines (VMs) or instances with customizable CPU, RAM, and
other resources.
2. Storage: Various storage options including block storage, object storage, and file storage.
3. Networking: Virtual networks, load balancers, firewalls, and other networking
components.
4. Management and Monitoring: Tools to manage, monitor, and optimize the
infrastructure.

Benefits of IaaS

1. Scalability: Easily scale resources up or down based on demand without the need for
upfront investments in hardware.
2. Cost Efficiency: Pay only for the resources you use, reducing the need for capital
expenditure on physical infrastructure.
3. Flexibility: Quickly deploy and configure infrastructure to meet changing business
needs.
4. Focus on Core Business: Allows organizations to focus on their core business activities
rather than managing physical infrastructure.
5. Disaster Recovery: Provides robust disaster recovery solutions with backup and
replication capabilities.
Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
Key Features of IaaS

1. On-Demand Resources: Instant provisioning and de-provisioning of computing

resources.
2. Elasticity: Ability to automatically scale resources based on usage patterns.
3. Virtualization: Virtual machines that can run different operating systems and
applications.
4. Storage Options: Various storage solutions such as SSDs, HDDs, and object storage for
different use cases.
5. Networking Services: Virtual networks, load balancers, VPNs, and other networking
components.
6. Security: Built-in security features including firewalls, encryption, and identity
management.
7. Management Tools: Dashboards and APIs for managing and monitoring infrastructure
resources.
8. Backup and Recovery: Services for automated backup and disaster recovery.

Common Use Cases

1. Web Hosting: Hosting websites and web applications with scalable compute and storage
resources.
2. Development and Testing: Providing isolated environments for development, testing,
and staging without affecting production.
3. Big Data and Analytics: Running big data workloads and analytics applications with
scalable compute and storage.
4. Disaster Recovery: Setting up disaster recovery solutions to ensure business continuity.
5. Enterprise Applications: Hosting enterprise applications like ERP, CRM, and
collaboration tools.
6. Batch Processing: Running batch processing jobs that require significant computing
power for short periods.

Popular IaaS Providers

1. Amazon Web Services (AWS): Offers a comprehensive suite of IaaS services including
EC2, S3, VPC, and more.
2. Microsoft Azure: Provides a wide range of IaaS services such as Azure VMs, Azure
Storage, and Azure Virtual Network.
3. Google Cloud Platform (GCP): Offers IaaS services like Compute Engine, Cloud
Storage, and VPC.
4. IBM Cloud: Provides IaaS solutions including IBM Cloud VMs, Cloud Object Storage,
and Virtual Private Cloud.
5. Oracle Cloud Infrastructure (OCI): Offers IaaS services with a focus on high
performance and enterprise applications.
6. DigitalOcean: Known for its simplicity and cost-effectiveness, ideal for small to
medium-sized businesses and developers.
Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
Implementation Considerations

1. Vendor Selection: Choose an IaaS provider that aligns with your technical requirements,
budget, and support needs.
2. Security: Ensure the IaaS provider offers robust security measures, including compliance
with industry standards and regulations.
3. Integration: Verify that the IaaS platform can integrate with your existing IT
infrastructure and applications.
4. Performance: Assess the performance capabilities of the IaaS provider to ensure it meets
your workload requirements.
5. Cost Management: Use cost management tools to monitor and control cloud spending.
6. Service Level Agreements (SLAs): Review the SLAs offered by the provider to ensure
they meet your uptime and support requirements.

Platform as a Service (PaaS)

Platform as a Service (PaaS) is a cloud computing service model that provides a platform and
environment to allow developers to build, deploy, and manage applications without the
complexity of managing the underlying infrastructure. Here’s an overview of PaaS, its benefits,
key features, and common use cases:

Overview of PaaS

Definition: PaaS provides a platform that includes infrastructure (servers, storage, and
networking), development tools, middleware, database management systems, and other services
to support the complete lifecycle of building and deploying web applications and services.

Core Components:

1. Application Hosting: Environments for running applications and services.

2. Development Tools: Integrated development environments (IDEs), code editors, and
other tools.
3. Middleware: Software that connects different components of an application, including
web servers, application servers, and database management systems.
4. Databases: Managed database services for storing and managing data.
5. APIs and Integrations: Tools and services for integrating with other applications and
services.

Benefits of PaaS

1. Simplified Development: Provides a ready-to-use platform with development tools,

reducing the time and effort required to set up infrastructure.
2. Scalability: Easily scale applications as needed without worrying about the underlying
infrastructure.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 3. Cost Efficiency: Pay only for the resources you use, reducing the need for upfront
investments in infrastructure.
4. Focus on Coding: Developers can focus on writing code and developing applications,
while the platform handles infrastructure management.
5. Collaboration: Facilitates collaboration among development teams with shared
environments and tools.
6. Integration: Easily integrates with various services, APIs, and databases, streamlining
the development process.

Key Features of PaaS

1. Development Frameworks: Provides frameworks and tools for building applications

(e.g., .NET, Java, Ruby on Rails).
2. Managed Databases: Offers database services like SQL, NoSQL, and in-memory
databases.
3. Application Hosting: Provides environments for deploying and running applications.
4. Automated Deployment: Supports continuous integration and continuous deployment
(CI/CD) pipelines.
5. Middleware Services: Includes services like messaging, authentication, and application
servers.
6. Scalability and Load Balancing: Automatically scales applications and balances loads
to handle varying levels of demand.
7. Monitoring and Management: Provides tools for monitoring application performance,
logging, and managing applications.
8. Security: Includes built-in security features such as authentication, authorization,
encryption, and compliance management.

Common Use Cases

1. Web and Mobile Applications: Developing and deploying web and mobile applications
with integrated backend services.
2. API Development: Creating and managing APIs for use by internal and external
applications.
3. Microservices: Building and orchestrating microservices architectures with ease.
4. Data Integration and Processing: Integrating and processing data from various sources
using managed services.
5. IoT Applications: Developing Internet of Things (IoT) applications with built-in
connectivity and data processing capabilities.
6. Business Applications: Building custom business applications with minimal
infrastructure management.

Popular PaaS Providers

1. Google App Engine: A fully managed serverless platform for developing and hosting
web applications.
Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 2. Microsoft Azure App Service: Provides a range of services for building and hosting
web apps, mobile apps, and APIs.
3. Amazon Web Services (AWS) Elastic Beanstalk: An easy-to-use service for deploying
and scaling web applications and services.
4. Heroku: A popular PaaS platform that supports multiple programming languages and
offers a wide range of add-ons.
5. IBM Cloud Foundry: An open-source PaaS platform that supports various programming
languages and frameworks.
6. Oracle Cloud Platform: Offers a comprehensive suite of PaaS services for building,
deploying, and managing applications.

Implementation Considerations

1. Platform Compatibility: Ensure the PaaS supports the programming languages,

frameworks, and tools you use.
2. Scalability Requirements: Evaluate the platform’s ability to scale applications to meet
your business needs.
3. Integration Needs: Consider how well the PaaS integrates with your existing services,
APIs, and third-party applications.
4. Security and Compliance: Review the security features and compliance certifications of
the PaaS provider.
5. Cost Management: Understand the pricing model and manage costs effectively to avoid
unexpected expenses.
6. Support and Documentation: Ensure the PaaS provider offers robust support and
comprehensive documentation for developers.

Software as a Service (SaaS)

Software as a Service (SaaS) is a cloud computing service model that delivers software
applications over the internet. With SaaS, software is hosted by a service provider and made
available to users through a web browser or application interface. Here’s an overview of SaaS,
its benefits, key features, and common use cases:

Overview of SaaS

Definition: SaaS is a cloud service model where software applications are delivered over the
internet. Users can access the software from any device with an internet connection, eliminating
the need for local installation and maintenance.

Core Components:

1. Application Hosting: The software is hosted on the provider's servers.

2. User Access: Accessible via web browsers or dedicated applications.
3. Subscription Model: Typically involves a subscription-based pricing model.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 4. Maintenance and Updates: The provider manages software updates, patches, and
maintenance.

Benefits of SaaS

1. Cost Efficiency: Reduces costs related to software purchases, maintenance, and

infrastructure. Users typically pay on a subscription basis.
2. Accessibility: Accessible from any device with an internet connection, providing
flexibility and remote access.
3. Scalability: Easily scale the number of users or features as needed without additional
infrastructure.
4. Automatic Updates: Regular updates and maintenance are handled by the provider,
ensuring users always have access to the latest features and security patches.
5. Security: Providers often offer robust security measures, including encryption, backup,
and disaster recovery.
6. Integration: Many SaaS applications offer APIs and integration capabilities to connect
with other services and applications.

Key Features of SaaS

1. Web-Based Access: Access applications through a web browser, eliminating the need for
local installation.
2. Multi-Tenancy: Single instance of the software serves multiple customers, with data and
configuration isolated between tenants.
3. Subscription Pricing: Typically billed on a subscription basis (monthly or annually),
with options for different service tiers.
4. Automatic Updates: Providers manage and deploy software updates and patches
automatically.
5. Scalability: Easily add or remove users and features as needed.
6. Data Security: Includes data encryption, access controls, and compliance with security
standards.
7. User Management: Tools for managing user accounts, roles, and permissions.
8. Support and Maintenance: Provider handles technical support and ongoing
maintenance.

Common Use Cases

1. Customer Relationship Management (CRM): Managing customer interactions and

sales processes (e.g., Salesforce, HubSpot).
2. Enterprise Resource Planning (ERP): Integrating and managing business processes
and resources (e.g., SAP S/4HANA Cloud, Oracle ERP Cloud).
3. Email and Collaboration Tools: Providing email, calendaring, and collaboration
features (e.g., Microsoft 365, Google Workspace).
4. Project Management: Tracking and managing projects and tasks (e.g., Asana, Trello).

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 5. Human Resources (HR) Management: Managing HR functions such as payroll,
recruitment, and employee records (e.g., Workday, BambooHR).
6. Accounting and Finance: Handling financial tasks such as invoicing, expense tracking,
and budgeting (e.g., QuickBooks Online, Xero).
7. E-commerce Platforms: Running online stores and managing sales (e.g., Shopify,
BigCommerce).
8. Marketing Automation: Automating marketing tasks such as email campaigns and lead
management (e.g., Mailchimp, Marketo).

Popular SaaS Providers

1. Salesforce: Leading CRM platform that offers a wide range of customer management
and sales solutions.
2. Microsoft 365: Comprehensive suite of productivity tools including Word, Excel,
PowerPoint, and Teams.
3. Google Workspace: Offers productivity and collaboration tools like Gmail, Docs,
Sheets, and Drive.
4. Zendesk: Provides customer service and support solutions with ticketing, chat, and
knowledge base features.
5. Shopify: A popular e-commerce platform for creating and managing online stores.
6. Workday: Offers solutions for HR, finance, and planning.
7. Dropbox: Provides cloud storage and file sharing services with collaboration features.
8. QuickBooks Online: Cloud-based accounting software for small and medium-sized
businesses.

Implementation Considerations

1. Vendor Selection: Choose a SaaS provider that meets your functional, security, and
compliance needs.
2. Cost Analysis: Understand the pricing model, including subscription costs, additional
features, and potential overage fees.
3. Integration: Ensure the SaaS application integrates with your existing systems and
workflows.
4. Data Security: Review the provider’s security measures, including data encryption,
access controls, and compliance with regulations.
5. Support and Service Levels: Evaluate the provider’s customer support and service level
agreements (SLAs) to ensure they meet your needs.
6. Customization: Consider the level of customization available to tailor the application to
your specific needs.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 Difference between IaaS, PaaS, and SaaS

The below table shows the difference between IaaS, PaaS, and SaaS -

IaaS Paas SaaS

It provides a virtual data center to store It provides virtual platforms and It provides web software and
information and create platforms for tools to create, test, and deploy apps to complete business
app development, testing, and apps. tasks.
deployment.

It provides access to resources such as It provides runtime environments It provides software as a

virtual machines, virtual storage, etc. and deployment tools for service to the end-users.
applications.

It is used by network architects. It is used by developers. It is used by end users.

IaaS provides only Infrastructure. PaaS provides SaaS provides

Infrastructure+Platform. Infrastructure+Platform
+Software.

Features Of Cloud Computing

1. Resources Pooling
Resource pooling is one of the essential features of cloud computing. Resource pooling means
that a cloud service provider can share resources among multiple clients, each providing a
different set of services according to their needs. It is a multi-client strategy that can be applied
to data storage, processing and bandwidth-delivered services. The administration process of
allocating resources in real-time does not conflict with the client's experience.

2. On-Demand Self-Service
It is one of the important and essential features of cloud computing. This enables the client to
continuously monitor server uptime, capabilities and allocated network storage. This is a
fundamental feature of cloud computing, and a customer can also control the computing
capabilities according to their needs.

3. Easy Maintenance
This is one of the best cloud features. Servers are easily maintained, and downtime is minimal or
sometimes zero. Cloud computing powered resources often undergo several updates to
Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
optimize their capabilities and potential. Updates are more viable with devices and perform
faster than previous versions.

4. Scalability And Rapid Elasticity

A key feature and advantage of cloud computing is its rapid scalability. This cloud feature
enables cost-effective handling of workloads that require a large number of servers but only for
a short period. Many customers have workloads that can be run very cost-effectively due to the
rapid scalability of cloud computing.

5. Economical
This cloud feature helps in reducing the IT expenditure of the organizations. In cloud computing,
clients need to pay the administration for the space used by them. There is no cover-up or
additional charges that need to be paid. Administration is economical, and more often than not,
some space is allocated for free.

6. Measured And Reporting Service

Reporting Services is one of the many cloud features that make it the best choice for
organizations. The measurement and reporting service is helpful for both cloud providers and
their customers. This enables both the provider and the customer to monitor and report which
services have been used and for what purposes. It helps in monitoring billing and ensuring
optimum utilization of resources.

7. Security
Data security is one of the best features of cloud computing. Cloud services make a copy of the
stored data to prevent any kind of data loss. If one server loses data by any chance, the copied
version is restored from the other server. This feature comes in handy when multiple users are
working on a particular file in real-time, and one file suddenly gets corrupted.

8. Automation
Automation is an essential feature of cloud computing. The ability of cloud computing to
automatically install, configure and maintain a cloud service is known as automation in cloud
computing. In simple words, it is the process of making the most of the technology and
minimizing the manual effort. However, achieving automation in a cloud ecosystem is not that
easy. This requires the installation and deployment of virtual machines, servers, and large
storage. On successful deployment, these resources also require constant maintenance.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
Identity as a Service (IDaaS) as a cloud Based service
Definition:IDaaS is a cloud service that offers identity and access management capabilities. It
allows organizations to manage user identities, authentication, and authorization processes from
a centralized platform, without the need for on-premises infrastructure.

Core Components:

1. User Authentication: Verifying user identity through methods like passwords, multi-
factor authentication (MFA), biometrics, etc.
2. Single Sign-On (SSO): Allows users to log in once and gain access to multiple
applications and services without re-authenticating.
3. Access Management: Controlling which resources users can access based on their roles
and permissions.
4. Directory Services: Providing a centralized directory to store and manage user identities.
5. Federation: Enabling secure sharing of identity information across different domains or
organizations.
6. Lifecycle Management: Managing user identity lifecycle from creation to deletion,
including provisioning and de-provisioning of access.

Benefits of IDaaS

1. Cost Efficiency: Reduces the need for on-premises infrastructure and maintenance,
lowering IT costs.
2. Scalability: Easily scales to accommodate growing numbers of users and applications.
3. Security: Enhances security through advanced authentication methods, centralized
access control, and compliance with security standards.
4. User Experience: Improves user experience with SSO and seamless access to multiple
applications.
5. Compliance: Helps organizations comply with regulatory requirements by providing
robust access controls and auditing capabilities.
6. Flexibility: Integrates with various applications, both on-premises and in the cloud.

Key Features of IDaaS

1. Multi-Factor Authentication (MFA): Adds an extra layer of security by requiring

multiple forms of verification.
2. SSO: Provides a single point of authentication for accessing multiple applications.
3. Identity Federation: Supports standards like SAML, OAuth, and OpenID Connect for
cross-domain authentication.
4. User Provisioning and De-Provisioning: Automates the process of creating, updating,
and removing user accounts.
5. Self-Service Password Reset: Allows users to reset their passwords without IT
intervention.
Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 6. Access Governance: Provides visibility and control over who has access to what
resources.
7. Reporting and Analytics: Offers detailed reports and analytics on user access and
activity.

Common Use Cases

1. Enterprise SSO: Large organizations use IDaaS to provide SSO across various internal
and external applications, improving user productivity and security.
2. Remote Workforce: Supports remote employees by enabling secure access to corporate
resources from any location.
3. Partner and Vendor Access: Facilitates secure access for partners and vendors to
specific resources, without exposing the entire network.
4. Customer Identity Management: Manages customer identities and access to online
services, ensuring a seamless user experience and enhanced security.
5. Regulatory Compliance: Helps organizations comply with regulations like GDPR,
HIPAA, and SOX by providing robust identity and access management controls.

Popular IDaaS Providers

1. Okta: A leading IDaaS provider known for its robust SSO, MFA, and lifecycle
management capabilities.
2. Microsoft Azure AD: Offers comprehensive identity management solutions integrated
with Microsoft’s ecosystem.
3. Ping Identity: Provides advanced identity and access management solutions, including
SSO, MFA, and directory services.
4. IBM Security Identity Governance and Intelligence: Focuses on identity governance,
risk management, and compliance.
5. Auth0: A flexible IDaaS provider known for its developer-friendly platform and
extensive integrations.

Implementation Considerations

1. Integration: Ensure the IDaaS solution integrates seamlessly with your existing
applications and infrastructure.
2. Security: Evaluate the security features and certifications of the IDaaS provider to ensure
it meets your organization's security requirements.
3. User Experience: Consider the impact on user experience, especially regarding SSO and
self-service capabilities.
4. Scalability: Choose a solution that can scale with your organization’s growth.
5. Cost: Analyze the cost structure of the IDaaS solution, including subscription fees and
potential additional costs for premium features.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 Compliance as a Service(CaaS)

Definition: Compliance as a Service (CaaS) provides a comprehensive suite of tools and

services delivered via the cloud to help organizations manage their compliance requirements.
This includes monitoring, reporting, auditing, and managing compliance with various regulations
such as GDPR, HIPAA, PCI-DSS, and more.

Core Components:

1. Regulatory Compliance: Tools and services to ensure adherence to specific regulations.

2. Policy Management: Creating, managing, and enforcing internal compliance policies.
3. Risk Management: Identifying, assessing, and mitigating compliance risks.
4. Audit and Reporting: Generating reports and maintaining audit trails to demonstrate
compliance.
5. Training and Awareness: Providing training and resources to educate employees on
compliance requirements.

Benefits of Compliance as a Service

1. Cost Efficiency: Reduces the need for significant investment in compliance

infrastructure and expertise, lowering overall costs.
2. Scalability: Easily scales to accommodate the growing and changing compliance needs
of an organization.
3. Expertise: Access to compliance experts and up-to-date information on regulatory
changes.
4. Automation: Automates compliance tasks such as monitoring, reporting, and auditing,
reducing manual effort and errors.
5. Continuous Monitoring: Provides real-time monitoring and alerts for compliance issues,
allowing for prompt resolution.
6. Improved Security: Enhances overall security posture by ensuring compliance with best
practices and regulatory requirements.

Key Features of Compliance as a Service

1. Regulatory Compliance Management: Ensures adherence to specific regulations such

as GDPR, HIPAA, PCI-DSS, SOX, etc.
2. Policy Management: Tools for creating, updating, and enforcing internal policies and
procedures.
3. Risk Assessment: Identifies and evaluates compliance risks, providing tools to mitigate
these risks.
4. Automated Auditing and Reporting: Generates compliance reports and maintains audit
logs automatically.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
 5. Training and Certification: Provides training modules and certification programs for
employees to stay informed about compliance requirements.
6. Incident Management: Tracks and manages compliance incidents, providing tools for
resolution and reporting.
7. Document Management: Manages compliance-related documents and ensures they are
up-to-date and accessible.
8. Third-Party Risk Management: Evaluates and manages the compliance risks
associated with third-party vendors and partners.

Common Use Cases

1. Healthcare Compliance: Ensuring compliance with healthcare regulations such as

HIPAA.
2. Financial Services: Managing compliance with financial regulations like SOX, FINRA,
and PCI-DSS.
3. Data Protection: Ensuring compliance with data protection regulations such as GDPR
and CCPA.
4. IT and Cybersecurity: Meeting compliance requirements for cybersecurity frameworks
like NIST, ISO 27001, and CIS.
5. Retail: Managing compliance with PCI-DSS for handling payment card information.
6. Government: Ensuring compliance with various government regulations and standards.

Popular Compliance as a Service Providers

1. OneTrust: Provides tools for privacy, security, and data governance compliance.
2. TrustArc: Offers a suite of compliance solutions, including GDPR and CCPA
compliance.
3. MetricStream: Provides GRC (Governance, Risk, and Compliance) solutions.
4. NAVEX Global: Offers solutions for risk and compliance management, including policy
management and third-party risk management.
5. LogicGate: Provides a platform for automating and managing risk and compliance
processes.
6. RSA Archer: Offers a comprehensive suite of GRC solutions.

Implementation Considerations

1. Integration: Ensure the CaaS solution integrates with your existing IT infrastructure and
business processes.
2. Customization: Choose a solution that can be tailored to meet your specific compliance
needs and industry requirements.
3. Scalability: Ensure the solution can scale with your organization’s growth and evolving
compliance landscape.
4. User Training: Provide adequate training to employees to ensure they understand and
utilize the compliance tools effectively.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering
5. Cost: Analyze the cost structure of the CaaS solution, including subscription fees and any
additional costs for specific features or services.
6. Vendor Reputation: Evaluate the reputation and track record of the CaaS provider in
delivering reliable and effective compliance solutions.

Nilanjana Adhikari
Assistant Professor
Dept. Of Computer Science Engineering