A Review on Cloud Computing: Design Challenges in Architecture and Security
Total Page:16
File Type:pdf, Size:1020Kb
Journal of Computing and Information Technology - CIT 19, 2011, 1, 25–55 25 doi:10.2498/cit.1001864 A Review on Cloud Computing: Design Challenges in Architecture and Security Fei Hu1, Meikang Qiu2,JiayinLi2, Travis Grant1, Draw Tylor1, Seth McCaleb1, Lee Butler1 and Richard Hamner 1 1 Department of Electrical and Computer Engineering, University of Alabama, Tuscaloosa, AL, USA 2 Department of Electrical and Computer Engineering, University of Kentucky, Lexington, KY, USA Cloud computing is becoming a powerful network archi- Rather than hard-wire data circuits between the tecture to perform large-scale and complex computing. provider and customers, telephone companies In this paper, we will comprehensively survey the concepts and architecture of cloud computing, as well began using VPN-based services to transmit as its security and privacy issues. We will compare data. This allowed providers to offer the same different cloud models, trust/reputation models and amount of bandwidth at a lower cost by rerout- privacy-preservation schemes. Their pros and cons ing network traffic in real-time to accommo- are discussed for each cloud computing security and architecture strategy. date ever-changing network utilization. Thus, it was not possible to accurately predict which Keywords: cloud computing, security, privacy, computer path data would take between the provider and networks, models customer. As a result, the service provider’s network responsibilities were represented by a cloud symbol to symbolize the black box of sorts from the end-users’ perspective. It is in 1. Introduction this sense that the term “cloud” in the phrase cloud computing metaphorically refers to the Cloud computing is quickly becoming one of Internet and its underlying infrastructure. the most popular and trendy phrases being tossed Cloud computing is in many ways a conglom- around in today’s technology world. “It’s be- erate of several different computing technolo- coming the phrase du jour”, says Gartner’s Ben [ ] gies and concepts like grid computing, virtu- Pring 1 . It is the big new idea that will alization, autonomic computing [40], Service- supposedly reshape the information technol- ( )[ ] ( ) oriented Architecture SOA 43 , peer-to-peer ogy IT services landscape. According to The (P2P) computing [42], and ubiquitous comput- Economist in a 2008 article, it will have huge ing [41]. As such, cloud computing has inher- impacts on the information technology industry, ited many of these technologies’ benefits and and also profoundly change the way people use [ ] drawbacks. One of the main driving forces computers 2 . What exactly is cloud comput- behind the development of cloud computing ing then, and how will it have such a big impact was to fully harness the already existing, but on people and the companies they work for? under-utilized computer resources in data cen- In order to define cloud computing, it is first ters. Cloud computing is, in a general sense, necessary to explain what is referenced by the on-demand utility computing for anyone with phrase “The Cloud”. The first reference to access to the cloud. It offers a plethora of IT “The Cloud” originated from the telephone in- services ranging from software to storage to dustry in the early 1990s, when Virtual Pri- security, all available anytime, anywhere, and vate Network (VPN) service was first offered. from any device connected to the cloud. More 26 A Review on Cloud Computing: Design Challenges in Architecture and Security formally, the National Institute of Standards and simple; the cloud (internet) can be utilized to Technology (NIST) defines cloud computing as provide services that would otherwise have to a model for convenient, on-demand network ac- be installed on a personal computer. For ex- cess to computing resources such as networks, ample, service providers may sell a service servers, storage, applications, and services that to customers which would provide storage of can be quickly deployed and released with very customer information. Or perhaps a service little management by the cloud-provider [4].Al- could allow customers to access and use some though the word “cloud” does refer to the In- software that would otherwise be very costly ternet in a broad sense, in reality, clouds can in terms of money and memory. Typically, ( be public, private, or hybrid a combination of cloud computing services are sold on an “as ) both public and private clouds . Public clouds needed” basis, thus giving customers more con- provide IT services to anyone in the general pub- trol than ever before. Cloud computing ser- lic with an Internet connection and are owned vices certainly have the potential to benefit both and maintained by the company selling and dis- providers and users. However, in order for cloud tributing these services. In contrast, private computing to be practical and reliable, many ex- clouds provide IT services through a privately- isting issues must be resolved. owned network to a limited number of people within a specific organization. With ongoing advances in technology,the use of As two examples of public consumer-level clouds cloud computing is certainly on the rise. Cloud consider Yahoo!R Mail and YouTube. Through computing is a fairly recent technology that re- these two sites, users access data in the form lies on the internet to deliver services to paying of e-mails, attachments, and videos from any customers. Services that are most often used device that has an Internet connection. When with cloud computing include data storage and users download e-mails or upload videos, they accessing software applications (Figure 1).The do not know where exactly the data came from use of cloud computing is particularly appealing or went. Instead, they simply know that their to users for two reasons: it is rather inexpensive data is located somewhere inside the cloud. In and it is very convenient. Users can access data reality, cloud computing involves much more or use applications with only a personal com- complexity than the preceding two examples puter and internet access. Another convenient illustrate and it is this behind the scenes com- aspect of cloud computing is that software ap- plexity that makes cloud computing so appeal- plications do not have to be installed on a user’s ing and beneficial to individual consumers and computer, they can simply be accessed through large businesses alike. the internet. However, as with anything else Cloud computing is an emerging technology that seems too good to be true, there is one cen- from which many different industries and in- tral concern with the use of cloud computing dividuals can greatly benefit. The concept is technology – security [44]. Figure 1. Cloud computing [5]. A Review on Cloud Computing: Design Challenges in Architecture and Security 27 In the internet, people like to use email for The bottom layer is the physical hardware, namely communication because of its convenience, ef- the cloud-provider owned servers and switches ficiency and reliability. It’s well known that that serve as the cloud’s backbone. Customers most of the contexts have no special meaning, who use this layer of the cloud are usually big which means it’s more likely our daily com- corporations who require an extremely large munication. So, such context is less attractive amount of subleased Hardware as a Service for the hacker. However, when two people or (HaaS). As a result, the cloud-provider runs, two groups, even two countries, want to com- oversees, and upgrades its subleased hardware municate using the internet secretly, for each communication partners they need some kind for its customers. Cloud-providers must over- of encryption to ensure their privacy and confi- come many issues related to the efficient, smooth, dentiality. For sake of that such situation occurs and quick allocation of HaaS to their customers, rarely, users don’t want to make their processor and one solution that allows providers to ad- slower by encrypting the email or other docu- dress some of these issues involves using re- ments. There must be a way for the users to mote scriptable boot-loaders. Remote script- easily encrypt their document only when they able boot-loaders allow the cloud-provider to require such service. specify the initial set of operations executed by In the rest of the paper, we will first survey the servers during the boot process, meaning typical architectures from networks layers view- that complete stacks of software can be quickly point. Then we will discuss cloud models. Next implemented by remotely located data center we move to security issues such as encryption- servers. on-demand. The privacy preservation models will be described. In each part where multiple The next layer consists of the cloud’s software schemes are presented, we will also compare kernel. This layer acts as a bridge between their pros and cons. the data processing performed in the cloud’s hardware layer and the software infrastructure layer which operates the hardware. It is the 2. Cloud Computing Architecture lowest level of abstraction implemented by the cloud’s software and its main job is to man- age the server’s hardware resources while at the 2.1. Abstract Layers same time allowing other programs to run and utilize these same resources. Several different To begin understanding cloud computing in implementations of software kernels include op- some sort of detail, it is necessary to examine erating system (OS) kernels, hypervisors, and it in abstraction layers beginning at the bottom and working upwards. Figure 2 illustrates the clustering middleware. Hypervisors allow mul- five layers that constitute cloud computing [44]. tiple OSs to be run on servers at the same time, A particular layer is classified above another if while clustering middleware consists of soft- that layer’s services can be composed of ser- ware located on groups of servers, which allows vices provided by the layer beneath it.