Cloud Computing Architecture

Describe about the Cloud Computing for Technical Management and Service Level.

Child protection board has considered to assess the technical management and Service Level Agreements (SLA) in cloud computing. For this purpose the estimation of management requirements of different vendors of cloud is necessary. In the following report, discussion about remote administration, SLA management and resource management is done including the payroll services and data file exchange. Since the report discusses about the cloud services of various vendors certain features are to be highlighted which are application resilience, disaster recovery and backup and finally the SLA service are illustrated. Child Protection Board has levied this responsibility as the cloud architecture is the most important feature in deciding the security and risk management of the vendor. Comparison is made between different vendor’s cloud architecture to select the most suitable cloud service for the Child Protection Board. Architecture refers as many components and sub-components of cloud services that are classified into Front-end and Back-end. Further discussion is done in the following report.

Architecture of cloud computing can be divided into two sections which are front-end and back-end architectures. Both ends are connected to each other by a network connection which is internet in most of the cases. Front end of the architecture is of the client or the user. It includes the software or the interface part or the application module of the cloud (Kim & Solomon, 2013). Since interface of each cloud service is not the same it is the dynamic part of architecture. Back end is cloud part of the architecture. This contains several vital systems such as servers, data storage and computers. Both ends of the cloud architecture are present in any cloud system which may host a data processing system or a video game (Cao et al., 2014). Various cloud vendors give emphasis to different cloud architectures. But in Child Protection Board both of the front end and back end architectures are deployed to get proper synchronization in providing the data processing and payroll management systems (Lloyd, 2014).

Some cloud computing delivery working models are Software as a service (SaaS), Platform as a service (PaaS), and Infrastructure as a service (IaaS). These platforms differ in the type of applications which they support which is required by the user. SaaS applications are available from numerous client devices such as a web browser. But the cloud users do not control the infrastructure such as operating systems, individual applications, network or even system storage (Limoncelli, Chalup & Hogan, 2014). Moreover, IaaS gives the access to users for processing of consumers, networks, fundamental resources and networking depending on the type of application use. PaaS deploys software and platform of users. The applications are accessible from anywhere. They have the rights to control the platform. Users get the conformation about the tools which are supported on the platform. IBM and Oracle is the two largest cloud service providers in the world. Another working model ids are Communication as service (CaaS), Database as service (DaaS) and Business Process as service (BPaaS) (Mutkoski, 2013).

Cloud Computing Delivery Models

Risk management of cloud systems which comes under the ambit of ICT systems is done by the government of the country. This follows the structured approach for defining risk assessment. This helps the decision makers to calculate the benefits of executing cloud computing services according to the business requirements (Reed & Bennett, 2012). There are certain guidelines on which the risk management is done which are:

Application of risk management principles of International Standard ISO 31000.

Strategic and organizational context.

Risk identification.

Assessment of tolerance of risk.

Questions related to the timing of risk management deployed in the cloud.

Threats involved during information outsourcing

Assessment and mapping of risks with other factors.

Defining likelihood and potential of risks.

Evaluation and rating of risks.

Options of risk treatment even when the services are outsourced.

Review of services and consultation form experts.

There are certain features which are considered in governing and security of cloud services which are discussed below:

Data Protection: The questions relating to the positioning and storage of data and its location, data is stationery or in motion and assurance of availability of data (Wang et al., 2014).

Security control: It is concerned with controls of security provided by the cloud to its end user and assurance of effective and efficient management of controls in cloud services.

Compliance: Synchronization with the given guidelines and confidence of cloud provider in the effective use and support of cloud services (Moerel, 2014).    

Multi-tenancy: Vulnerability of the assets if another client is under attack and separation of data of multiple customers on the cloud.

Security governance: Ownership, access and rights of the data and measurement of performance.

The service level agreement is basically considered as contractual agreement between consumer of the supplied products and specialized services provider. As per the Erl’s SLA, it is mainly consisting ethical scenario, human rights goal and objectives of the organization (Gu & Guirguis, 2014). Service level agreement mainly supports organizational authorities to understand the different deliverables representing in it. The organizational service level agreement is following in nature:

Service Level Agreement
Overview	The service level agreement is mainly initiated by child protection board for their cloud service provider (Kim & Solomon, 2013). This service agreement are created to manage their employees payroll of the organization over cloud networking.
Scope of the services	There are basically some part of the services are covered in the basis of ·                   For easier accessibility and better managerial services Cloud based payroll services are selected by board (Limoncelli & Hogan, 2014). ·                   Availability for the better provisional support services.
Confidentiality	To maintain the confidentiality of the provided database, maintenance of data usage secured and under security section.
Price	The allocated prices required to be according to competitiveness of the market, which should not be more than stipulated level also need to be properly documented.

 

Migrating the entire application on cloud is a tough ask for Child Protection Board as it has to completely shift their existing work model to an unknown domain. Migration should not be done in haste or a flip of the switch. Child Processing Board must choose the right migration strategy and tool (Kshetri, 2016). Since Child Protection Board is a public enterprise it should take care of the following factors before migrating to cloud:

Risk management of Outsourced ICT systems including Cloud

Virtualized Infrastructure: If the existing infrastructure is based on virtualization then it is viable to migrate from virtual-to-virtual framework. Therefore, physical migration is not considered a better option.

Redundancy: If the availability requirement of an application is not close to 100 percent then it is considered unwise to migrate that service to cloud as it creates redundancy issues (Amos, 2014).

Licensing: Cloud infrastructures require licensing of the services which are used in it such as operating systems and software which may become a problem at the time of migration. So this factor needs to be ensured (Busquets & Álvarez, 2015).

Support: Software vendor needs to give support to the applications which will run of the cloud without which it is difficult to maintain a real time application. Since cloud supports round the clock service of its applications, support is a must thing for its execution and even for migration (Gu & Guirguis, 2014).

Data Locality: Location of details considered to be the most important factor in migration to cloud as some agencies require the data to be confined within borders. For this purpose regulatory authorities need to be considered.

This system provides tools and interfaces for external cloud administrators to administer and configure IT resources based on cloud. It is the most basic and fascinating service of cloud users that provides the leverage to its users for accessing, controlling and monitoring its services irrespective of the location. It is termed as the access and security management as per the checklist of Morad and Dalbhanjan (Houze, 2014).

Before deploying the cloud services by Child Protection Board, they need to comply with some prerequisites of Service Level Agreements which are stated below:

Understanding of responsibilities and roles.

Evaluation of policies and business levels.

Understand differences between service and deployment models.

Identification of objective which are critical.

Evaluation of privacy and security requirements.

Preparation of management strategies during service failure.

Understanding of plan for disaster recovery.

Development of governance process to work efficiently.

Understanding the process to exit.

Recovery of data and preventing disaster is not easy in cloud services. For cloud storage most of the users apply a hybrid approach for data backup and disaster recovery. This is done by choosing the data to be stored in the cloud. Not every data is kept on the cloud and some of it is stored on premise in different data storage systems. Recent data-backup techniques are used to minimize the risk of data loss (Reed & Bennett, 2012). Introduction of new technologies such as variable length reduplication and reduction of storage bandwidth is done to protect data from risks of disaster. Replication of data to off-site cloud storage is another way of data recovery. Identification of critical data and applications that are running on cloud is also a successful method to ensure data protection which can be stored in another way or a storage device (Kshetri, 2016). There is no concrete way of avoiding risk associated with data loss on cloud but these protective measures minimize the chances of data loss.

Reference

Amos, S. (2014). Data Security: Foundation for Smart City Development.

Busquets, J., & Álvarez, C. (2015). Banco Sabadell acquires Banco CAM: leveraging a cloud computing strategy. Journal of Information Technology Teaching Cases, 5(1), 8-19.

Cao, N., Wang, C., Li, M., Ren, K., & Lou, W. (2014). Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Transactions on parallel and distributed systems, 25(1), 222-233.

Gu, Q., & Guirguis, M. (2014). Secure Mobile Cloud Computing and Security Issues. In High Performance Cloud Auditing and Applications (pp. 65-90). Springer New York.

Houze Jr, R. A. (2014). Cloud dynamics (Vol. 104). Academic press.

Kim, D., & Solomon, M. G. (2013). Fundamentals of information systems security. Jones & Bartlett Publishers.

Kshetri, N. (2016). The Evolution of Rules and Institutions in Cybersecurity: Cloud Computing and Big Data. In The Quest to Cyber Superiority (pp. 25-52). Springer International Publishing.

Limoncelli, T. A., Chalup, S. R., & Hogan, C. J. (2014). The Practice of Cloud System Administration: Designing and Operating Large Distributed Systems (Vol. 2). Pearson Education.

Lloyd, I. (2014). Information technology law. Oxford University Press, USA.

Moerel, L. (2014). Big Data Protection. How to Make the Draft EU Regulation on Data Protection Future Proof.

Mutkoski, S. (2013). Cloud computing, regulatory compliance, and student privacy: A guide for school administrators and legal counsel. J. Marshall J. Info. Tech. & Privacy L., 30, 511.

Reed, A., & Bennett, S. G. (2012). Silver clouds, dark linings: A concise guide to cloud computing. Pearson Education.

Wang, H., Wu, S., Chen, M., & Wang, W. (2014). Security protection between users and the mobile media cloud. IEEE Communications Magazine, 52(3), 73-79.