ISCA Chapter 8

8. Emerging Technologies 8.1 – Cloud Computing • Cloud computing means the use of computing resources as a service through networks, typically the Internet. • With Cloud Computing, users can access database resources via the Internet from anywhere, for as long as they need, without worrying about any maintenance or management of actual resources. • The best example of cloud computing is Google Apps where any application can be accessed using a browser and it can be deployed on thousands of computer through the Internet. • Cloud computing is both, a combination of software and hardware based computing resources delivered as a networked service. • Cloud computing provides the facility to access shar ed resources and common infrastructure offering services on demand over the network to perform operations. The location of physical resources and devices being accessed are typically not known to the end user. • With cloud computing, large companies can scale up to massive capacities in an instant without having to invest in new infrastructure, train new personnel or license new software and small & medium -sized business systems can completely outsource their data-centre infrastructure. • In cloud computing , service consumers use ‘ what they need on the Internet’ and pay only for ‘what they use’ . 8.1.1 – Cloud computing vs. Grid Computing • Grid computing requires the use of software that can divide and carve out pieces of a program as one large system image to several thousand computers.  One concern about grid is that if one piece of the software on a node fails, other pieces of the software on other nodes may fail.  Large system images and associated hardware to operate and maintain them, can contribute to large capital and operating expenses. • Some pertinent similarities and differences are highlighted as follows: i). Cloud computing and grid computing both are scalable. ii). Both computing types involve multi- tenancy and multitasking, meaning that many customers can perform different tasks, accessing a single or multiple application instances. iii). Cloud and grid computing provide Service- Level Agreements (SLAs) for guaranteed uptime availability of, say, 99 percent. If the service slides below the level of the guaranteed uptime service, the consumer will get service credit for receiving data not in stipulated time. iv). T he storage computing in the grid is well suited for data- intensive storage while in cloud computing, we can store an object as low as 1 byte and as large as several terabytes. v). A computational grid focuses on computationally in tensive operations, while cloud computing offers two types of instances: standard and high -CPU. 8.1.2 – Goals of Cloud Computing • Major goals of cloud computing are as follows:  To create a highly efficient IT ecosystem, where resources are pooled together and costs are aligned with what resources are actually used;  To access services and data from anywhere at any time;  To scale the IT ecosystem quickly, easily and cost -effectively based on evolving business needs;  To consolidate IT infrastructure into a more integrated and manageable environment;  To reduce costs related to IT energy/power consumption;  To enable or improve "Anywhere Access" (AA) for ever increasing users; and  To enable rapidly provision resources as needed. 8.1.3 – Cloud Computing Architecture • The Cloud Computing Architecture (CCA) of a cloud solution is the structure of the system, which comprises of on -premise and cloud resources, services, middleware, and software components, their geo -location, their externally visible properties and the relationships between them. • A Cloud Computing Architecture (CCA) consists of a front end and a back end. They connect to each other through a network, usually the internet. i). Front End Architecture –  The front end of the cloud computing system comprises of the clients devices and some applications needed for accessing the cloud computing system.  All the cloud computing systems do not give the same interface to users.  Web services like electronic mail programs use some existing web browsers such as firefox, Apple’s Safari or Microsoft internet explorer. Other types of systems have some unique applications which provide network access to its client s. ii). Back End Architecture –  Back end refers to some service facilitating peripherals.  The back end is cloud itself, which may encompass various computer machines, data storage systems and servers. Groups of these clouds make up a whole cloud computing system.  Theoretically, a cloud computing system can include any type of web application p rogram such as video games , software development and entertainment.  Usually, every application would have its individual dedicated server for services. iii). Central Server –  A Central Server is established to be used for administering the whole system.  It is also used for monitoring clients demand as well as traffic to ensure that everything of system runs without any problem.  There are some sets of rules, technically referred as protocols, are followed by this server and it uses a special type of software kno wn as middleware. Middleware allows computers that are connected on networks to communicate with each other. 8.1.4 – Cloud Computing Environment • The cloud computing environment can consist of multiple types of clouds based on their deployment and usage. Such typical Cloud computing environments are described as follows – 1) Public Clouds:  This environment can be used by the general public and includes individuals, corporations and other types of organizations.  P ublic clouds are administrated by third parties or vendors over the Internet, and the services are offered on pay -per-use basis. These are also called provider clouds.  Advantages –  It is widely used in the development, deployment and management of enterprise applications, at affordable costs.  It allows the organizations to deliver highly scalable an d reliable applications rapidly and at more affordable costs.  Disadvantage –  One of the limitations is security assurance and thereby building trust among the clients is far from desired but slowly liable to happen. 2) Private Clouds:  This cloud computing environment resides within the boundaries of an organization and is used exclusively for the organization’s benefits. These are also called internal clouds.  They are built primarily by IT departments within enterprises, who seek to optimize utilization of infrastructure resources within the enterprise.  Advantages –  They improve average server utilization; which allow usage of low -cost servers and hardware; thus reducing the costs that a greater number of servers would otherwise entail.  High levels of automation is largely responsible for reducing operations costs and administrative overheads .  Limitations –  One major limitation is that IT teams in the organization may have to invest in buying, building and managing the clouds independently. 3) Hybrid Cloud:  This is a combination of both at least one private and at least one public cloud computing environments - usually, consisting of infrastructure, platforms and applications.  It is typically offered in either of two ways –  A vendor has a private cloud and forms a partnership with a public cloud provider ; or  A public cloud provider forms a partnership/franchis e with a vendor that provides private cloud platforms. 8.1.5 – Cloud Computing Models 1) Infrastructure as a Service (IaaS):  IaaS providers offer computers, more often virtual machines and other resources as service.  It provides the infrastructure required to host the services ourselves.  In order to deploy their applications, cloud clients install operating -system images and their application software on the cloud infrastructure.  Example – Amazon EC2, Azure Service Platform, Dyn DNS, Google Compute Engine, HP Cloud etc. 2) Platform as a Service ( PaaS):  Cloud providers deliver a computing platform including operating system, programming language execution environment, database, and web server.  In PaaS, one can make applications and software’s on other’s database. It gives us the platform to create, edit, run and manage the application program . All the development tools are provided.  Examples – AWS Elastic Beanstalk, Cloud Foundry, Heroku, Force.com, EngineYard etc. 3) Software as a Service (SaaS):  SaaS pro vides users to access large variety of applications over internets that are hosted on service provider’s infrastructure.  Example – one can make word document in Google docs online, edit a photo online on pixlr.com - thus Google is provisioning software as a service. 4) Network as a Service (NaaS):  NaaS is a category of cloud services where the capability provided to the cloud service user is to use network connecting services.  NaaS involves optimization of resource allocation by considering network and computing resources as a whole.  Some of the examples are: Virtual Private Network, Mobile Network Virtualization etc. 5) Communication as a Service (CaaS):  CaaS is an outsourced enterprise communication solution. The CaaS vendor is responsible for all hardw are and software management and offers guaranteed Quality of Service (QoS).  It allows businesses to selectively deploy communication devices and modes on a pay -as-you -go, as -needed basis. This approach eliminates the large capital investments.  Examples – Voice over IP (VolP), Instant Messaging (IM), Collaboration and Videoconferencing application using fixed and mobile devices. 8.1.6 – Characteristics of Cloud Computing • High Scalability:  Cloud environments enable servicing of business requirements for larger audiences, through high scalability. • Agility:  The cloud works in the ‘distributed mode ‘environment. It shares resources among users and tasks, while improving efficiency and agility (responsiveness). • High Availability and Reliability:  Availability of servers is supposed to be high and more reliable as the chances of infrastructure failure are minimal. • Multi -sharing:  With the cloud working in a distributed and shared mode, multiple users and applications can work more efficiently with cost reduction s by sharing common infrastructure. • Services in Pay -Per-Use Mode:  SLAs between the provider and the user must be defined when offering services in pay per use mode. This may be based on the complexity of services offered. • Virtualization:  This technology allows servers and storage devices to increasingly share and utilize applications, by easy migration from one physical server to another. • Performance:  It is monitored and consistent and loosely coupled architectures are constructed using web services as the system interface. • Maintenance:  The cloud computing applications are easier, because they are not to be installed on each user's computer and can be accessed from different places. 8.1.7 – Issues relating to Cloud Computing • Confidentiality:  Cloud work s on public networks; so, there is a requirement to keep the data confidential the unauthorized entities. With the use of encryption and physical isolation, data can be kept secret. • Integrity:  Integrity refers to the prevention of unauthorized modification of data and it ensures that data is of high quality, correct, consistent and accessible.  Methods like digital signature, Redundant Array of Independent Disks (RAID) strategies etc. are some ways to preserve integrity in Cloud computing. • Availability:  Availability refers to the prevention of unauthorized withholding of data and it ensures the data backup through Business Planning Continuity Planning and Disaster Recovery Planning. Availability can be affected temporarily or permanently, and a loss can be partial or complete. • Governance:  There is a need of governance model, which controls the standards, procedures and policies of the organization. • Trust:  Trust ensures that service arrangements have sufficient means to allow visibility into the security and privacy controls and processes employed by the cloud provider.  Deployment model provided a trust to the cloud environment. • Legal Issues and compliance:  There is a need to understand various types of laws and regulations that impose security and privacy duties on the organization and potentially impact Cloud computing initiatives such as privacy, data location and security controls, records management and E -discovery requirements. • Privacy:  The p rivacy issues are embedded in each phase of the Cloud design. It should include both the legal compliance and trusting maturity. • Audit:  Auditing is type of checking that ‘what is happening in the Cloud environment’.  It is an additional layer before the virtualized application environment, which is being hosted on the virtual machine to watch ‘what is happening in the system’. • Data Stealing:  In a Cloud, data stored anywhere is accessible in public form and private form by anyone at any time. In such cases, an issue aris es as data stealing.  Back up policies such as Continuous Data Protection (CDP) should be implemented in order to avoid issues with data recovery in case of a sudden attack. • Architecture:  In the architecture of Cloud computing models, there should be a control over the security and privacy of the system. The architecture of the Cloud is based on a specific service model. • Identity Management and Access control:  Identity Management and Access control provides a secure authentication and authorization to an organization. • Incident Response:  It ensures to meet the requirements of the organization during an incident.  It ensures that the Cloud provider has a transparent response process in place and sufficient mechanisms to share informat ion during and after an incident. • Software Isolation:  Software isolation is to understand virtualization and other logical isolation techniques and evaluate the risks required for the organization. • Application Security:  To prevent Cloud computing, service provider should have the complete access to the server with all rights for the purpose of monitoring and maintenance of server.  Infected applications need to be monitored and recovered by the Cloud security drivers. 8.1.8 – Advantages of Cloud Com puting • Cost Efficiency:  Cloud computing is probably the most cost efficient method to use, maintain and upgrade.  Besides, there are many one-time -payments, pay-as-you -go and other scalable options available, which make it very reasonable for the company. • Almost Unlimited Storage:  Storing information in the cloud gives us almost unlimited storage capacity. Hence, no more need to worry about running out of storage space or increasing the current storage space availability. • Backup and Recovery:  Since all the data is stored in the cloud, backing it up and restoring the same is relatively much easier than storing the same on a physical device. • Automatic Software Integration:  In the cloud, software integration is usually something that occurs automatically. Not only that, cloud computing allows us to customize the options with great ease. • Easy Access to Information:  Once registered in the cloud, one can access the information from anywhere, where there is an Internet connection. • Quick Deployment:  C loud co mputing gives us the advantage of quick deployment. Once we opt for this method of functioning, the entire system can be fully functional in a matter of a few minutes. 8.1.9 – Pertinent Issues of Cloud Computing • Threshold Policy:  In order to test if the program works, develop, or improve and implement, a threshold policy is of immense importance in a pilot study before moving the program to production environment. • Interoperability:  If a company outsources or creates applications with one cloud computing vendor, the company may find it difficult to change to another computing vendor that has proprietary APIs and different formats for importing and exporting data. Thus, interoperability cannot be achieved.  IBM and Amazon Web Services have worked together to make interoperability happen. • Hidden Costs:  C loud computing service providers do not reveal ‘what hidden costs are’. For instance, companies could incur higher network charges from their service providers for storage and database applications containing terabytes of data in the cloud. • Unexpected Behaviour:  It is important to test the application in t he c loud with a pilot study to check for unexpected behaviour. • Security Issues:  Security is a major issues relating to cloud computing. Instead of waiting for an outage to occur, consumers should do security testing on their own checking how well a vendor can recover data.  Another area of security testing is to test a trusted algor ithm to encrypt the data on the local computer, and then try to access data on a remote server in the cloud using the decryption keys. • Softw are Development in Cloud:  To develop software using high -end databases, the most likely choice is to use cloud server pools at the internal data corporate centre and extend resources temporarily for testing purposes.  This allows project managers to contr ol costs, manage security and allocate resources to clouds for a project. The cost associated with each cloud type may differ from one another. • Environment Friendly Cloud Computing:  One incentive for cloud computing is that it may be more environment friendly.  R educing the number of hardware components needed to run applications on the company's internal data centre and replacing them with cloud computing systems reduces energy for running and cooling hardware. 8.2 – Mobile Computing • Mobile Computing ref ers to the technology that allows transmission of data via a computer without having to be connected to a fixed physical link. • Mobile computing is an emerging field of teaching and research. The goal of mobile computing is to work towards true computing f reedom, whereby users can connect to the network from anywhere, anytime and operate as if they were sitting in the "home" office. • An extension of Mobile voice communication technology is the ability to send and receive data across these cellular networks. This is the fundamental principle of mobile computing. • Mobile data communication has become a very important and rapidly evolving technology as it allows users to transmit data from remote locations to other remote or fixed locations. 8.2.1 – Mobile Comp uting Benefits  It provides mobile workforce with remote access to work order details, such as work order location, contact information, required completion date, asset history relevant service contracts.  It is a versatile and strategic technology that increases information quality and accessibility, enhances operational efficiency and management effectiveness.  It enables mobile sales personnel to update work order status in real-time .  It facilitates access to corporate services and information at any time, from anywhere.  It provides remote access to the corporate Knowledgebase at the job location.  This proves to be the solution of the biggest problem of business people on the move i.e. mobility.  It enables to improve management effectiveness by enhancing information quality, information flow, and ability to control a mobile workforce. 8.3 – Bring Your Own Device (BYOD) • BYOD (Bring Your Own Device) refers to business policy that allows employees to use their pr eferred computing devices, like smart phones and laptops for business purposes. • It means employees are welcome to use personal devices (laptops, smart phones, tablets etc.) to connect to the corporate network to access information and application. • The BY OD policy has rendered the workspaces flexible, empowering employees to be mobile and giving them the right to work beyond their required hours. • Though it has led to an increase in employee’s satisfaction but also reduced IT desktop costs for organization s as employees are willing to buy, maintain and update devices in return for a one- time investment cost to be paid by the organization. 8.3.1 – Emerging BYOD Threats • Network Risks:  It is normally exemplified and hidden in ‘Lack of Device Visibility’.  Whe n company -owned devices are used by all employees, the organization’s IT practice has complete visibility of the devices connected to the network. As BYOD permits employees to carry their own devices, the IT practice team is unaware about the number of devices being connected to the network. As network visibility is of high importance, this lack of visibility can be hazardous.  For example, if a virus hits the network and all the devices connected to the network need be scanned, it is probable that some of the devices would miss out on this routine scan operation. • Device Risks:  It is normally exemplified and hidden in ‘Loss of Devices’.  A lost or stolen device can result in an enormous financial and reputational embarrassment to an organization.  With easy access to company emails as well as corporate intranet, company trade secrets can be easily retrieved from a misplaced device. • Application Risks:  It is normally exemplified and hidden in ‘ Application Viruses and Malware’.  With an increase in mobile usage, mobile vulnerabilities have increased. Organizations are not clear in deciding that ‘who is responsible for device security – the organization or the user’. • Implementation Risks:  It is normally exemplified and hidden in ‘Weak BYOD Policy’.  The eff ective implementation of the BYOD program should not only cover the technical issues mentioned above but also mandate the development of a robust implementation policy. 8.4.1 – Social Media • Social networks are comprised of the most intelligent components - human beings. Due to the various facets of the human species, we can have multiple types of social networks in all the fields. • Each network has its own focus area, member size, geographical spread, societal impact. Managing such networks is not only com plicated but requires lot of collective efforts and collaboration. • Web 2.0 has been one of the greatest contributors in this area and it has been a great contributor in the era called ‘technology diminishing the humane distance’. • A social network is created by a group of individuals, who have a set of common interests and objectives. − There are usually a set of network formulators followed by a broadcast to achieve the network membership. This happens both in public and private groups depending upon t he confidentiality. − After the minimum numbers are met, the network starts its basic operations and goes out to achieve its goal. − Success of a social network mainly depends on contribution, interest and motivation of its members along with technology backbone or platform support . 8.4.2 – Web 2.0 • Web 2.0 is the term given to describe a second generation of the World Wide Web that is focused on the ability for people to collaborate and share information online. • Web 2.0 basically refers to the transition from static HTML Web pages to a more dynamic Web that is more organized and is based on serving Web applications to users. • Other improved functionality of Web 2.0 includes open communication with an emphasis on Web - based communities of users, and more op en sharing of information. • Web 2.0 provides an ideal platform for implementing and helping Social Networks to grow. Blogs, wikis, and Web services are all seen as components of Web 2.0. • The main agenda of Web 2.0 is to co nnect people in numerous new ways and utilize their collective strengths, in a collaborative manner. • The power of Web 2.0 is the creation of new relationships between collaborators and information. 8.4.3 – Components of Web 2.0 for Social Networks • Communities:  These are an online space formed by a group of individuals to share their thoughts, ideas and have a variety of tools to promote Social Networking. • Blogging:  Blogs give the users of a Social Network the freedom to express their thoughts in a free form basis and help in generation and discussion of topics. • Wikis:  A Wiki is a set of co -related pages on a particular subject and allow users to share content. Wikis replace the complex document management systems and are very easy to create and m aintain. • Folksonomy:  Web 2.0 being a people-centric technology has introduced the feature of Folksonomy where users can tag their content online and this enables others to easily find and view other content. • File Sharing/Podcasting:  This is the facility, which helps users to send their media files and related content online for other people of the network to see and contribute. • Mashups:  This is the facility, by using which people on the internet can congregate services from multiple vendors to create a completely new service.  An example may be combining the location information from a mobile service provider and the map facility of Google maps in order to find the exact information of a cell phone device from t he internet, just by entering the cell number. 8.4.4 – Types and Behaviour of Social Networks • Various types of social networks based on needs and goals. Compartmentalizing social networks is quite a challenging activity. • Keeping these in mind, the main cat egories identified are as follows – 1) Social Contacts Networks –  These types of networks are formed to keep in contact with family and friends and becomes the most popular sites on the network today. These have all components of Web 2.0 like wikis, blogging, tagging and forums.  Examples – Orkut, facebook, twitter, etc. 2) Study Circles –  These are social networks dedicated for students, where they can have study topics, placement related queries, etc. These have components like blogging and file sharing.  Examples – College tonight and Fledge Wing, etc. 3) Social Network for Specialist Groups –  These types are designed for core field workers like doctors, engineers, scientists, member of corporate industries.  Example – LinkedIn 4) Networks for Fine Arts –  These types of social networks are dedicated to people linked with music, painting and related arts and have lots of useful networking information for all aspiring people of the same line. 5) Police and Military Networks –  These types of networks, though not on the public domain, operate much like social networks on a private d omain because of confidentiality of information 6) Sporting Networks –  These types of social networks are dedicated to people of sporting fraternity and have a gamut of information related to this field.  Example – Athlinks. 7) Mixed Networks –  There are a number of social networks that have a subscription of people from all the above groups and is a heterogeneous social networks serving multiple types of social collaboration. 8) Social Networks for the Inventors –  These are the networks for the people who have invented the concept of social networks, the very developers and architects that have developed the social networks.  Examples – Technical forums, Mash up centre. 9) Shopping and Utility Service Networks –  The present world of huge consumerism has triggered people to invest in the social networks, which will try to analyze the social behaviour and send related information to various marts . 10) Others –  There are multiple other social networks. Some of these networks die out very fast due to lack of constructive sustenance thoughts while others finally migrate to a more specialist network. 8.4.5 – Benefits and Challenges for Social Networks using Web 2.0 • Benefits for Social Networks using Web 2.0 are as follows –  Web 2.0 provides a platform where users of the network need not to worry about the implementation or underlying technology at a very affordable cost and a very easy pickup time.  Concepts of Web 2.0 like blogging are some things that people do on a day -to-day basis and no new knowledge skills are required.  Web 2.0 techniques are very people centric activities and thus, adaptation is very fast.  Using Web 2.0 also increases the social collaboration to a very high degree and this in turn helps in achieving the goals for a social network. • Chal lenges for Social Networks using Web 2.0 are as follows –  One of the major aspects is data security and privacy and in such public domains, there is a huge chance of data leak and confidentiality loss because there are usually no centrally mandated adminis trative services to take care of such aspects.  Privacy of individual users also arises and can create a huge problem if malicious users somehow manage to perpetuate the social networks. This is more important for public utility networks like doctors and p olice.  A majority of the social networks are offline, and for bringing these under the purview of online social networks, a lot of education and advertising needs to be done, which itself becomes a cost burden, when the people involved are not computer literate. 8.5 – Green IT • Green IT refers to the study and practice of using computers and IT resources in a more efficient and environmentally friendly and responsible way. • Such practices include the implementation of energy -efficient Central Processing Units, servers and peripherals as well as reduced resource consumption and proper disposal of electronic waste. • Green computing is the environmentally responsible use of computers and related resources. • One of the earliest initiatives toward green computing in the United States was the voluntary labeling program known as Energy Star. It was conceived by the E nvironmental Protection Agency (EPA) in 1992 to promote energy efficiency in hardware of all kinds. • Government regulation is only part of an overall green computing philosophy. The work habits of computer users and businesses can be modified to minimize adverse impact on global environment. • Some of such steps for Green IT include the following:  Power -down the CPU and all peripherals during extended periods of inactivity.  Try to do computer -related tasks during contiguous, intensive blocks of time, leavin g hardware off at other times.  Power -up & power -down energy -intensive peripherals such as laser printers according to need.  Use Liquid Crystal Display (LCD) monitors rather than Cathode Ray Tube (CRT) monitors.  Use notebook computers rather than desktop co mputers whenever possible.  Use the power -management features to turn off hard dr ives and displays after several minutes of inactivity.  Minimize the use of paper and properly recycle waste paper.  Dispose of e -waste according to central, state and local regu lations.  Employ alternative energy sources for computing workstations, servers, network & data centres . 8.5.1 – Green IT Best Practices • From the experience of practicing professionals, there are a range of well identified best practices. A few of those for assurance purposes are listed as follows:  Involving stakeholders on campus yields policies and green IT initiatives more likely to be embraced by the campus community.  Partnering takes advantage of existing efforts and ensures wider reach and more effective use of limited resources.  Guidelines for using the best practices simplify adaption of green IT by campus users and encourage them to consider green computing practices the norm.  On -going communication about and campus commitment to green IT best practices to produce notable results. 8.6 – Life cycle of Social Networks –