




























Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A set of exam questions related to cloud computing. The questions cover topics such as the main characteristics of cloud computing, virtual appliances, full virtualization and para-virtualization, VME requirements, public and private cloud, platform as a service, security architecture design, application security, AWS services, and development technologies. The document also includes a section on challenges in cloud computing, computing platforms and technologies, virtualization for Linux and Windows, layered cloud architectural development design, secure software development life cycle, and GAE functional modules. The exam questions are suitable for university students studying information technology, computer science, and engineering.
Typology: Study notes
1 / 36
This page cannot be seen from the preview
Don't miss anything!





























UNIVERSITY QUESTIONS
B.E./B.Tech. DEGREE EXAMINATIONS, NOVEMBER/DECEMBER 2021. Seventh/Eighth Semester Computer Science and
(b) Outline the various deployment models of cloud with neat sketch and identify which among them could be applied to formulate cloud structure for a small firm.
1. What is the use of elasticity in cloud? Cloud Elasticity enables organizations to rapidly scale capacity up or down, either automatically or manually. Cloud Elasticity can refer to 'cloudbursting' from on-premises infrastructure into the public cloud for example to meet a sudden or seasonal demand. 2. Define on-demand provisioning? customers are provided with resources on runtime. In this delivery model, cloud resources are deployed to match customers' fluctuating demands. Deployments can scale up to accommodate spikes in usage and down when demands decrease. 3. Write the two major roles in SOA? There are two major roles within Service-oriented Architecture: Service provider: The service provider is the maintainer of the service and the organization that makes available one or more services for others to use. 4. Discuss the purpose of publish – subscribe model? The publish-subscribe (pub/sub) model enables event-driven architecture, which is required in several modern applications. You can use events to trigger and communicate between decoupled services. An event is a change in state, or an update, like an item being placed in a shopping cart. 5. Why do we need hybrid cloud? Justify The primary benefit of a hybrid cloud is agility. The need to adapt and change direction quickly is a core principle of a digital business. Your enterprise might want (or need) to combine public clouds, private clouds, and on-premises resources to gain the agility it needs for a competitive advantage. 6. Give the advantages of storage-as-a-service? The key benefit to STaaS is that you are offloading the cost and effort to manage data storage infrastructure and technology to a third-party CSP. This makes it much more effective to scale up storage resources without investing in new hardware or taking on configuration costs. 7. State the difference resource provisioning methods?
The three models are advanced provisioning, dynamic provisioning and user self-provisioning. With advanced provisioning, the customer signs a formal contract of service with the cloud provider. The provider then prepares the agreed-upon resources or services for the customer and delivers them.
8. Illustrate password assurance testing? Password Assurance Testing is a service that can be used to harness the computational power of the cloud in attempts to break into a company's system by guessing passwords. This approach minimizes resources and time spent on the client side. 9. Give some of the application of GAE. What are the benefits of cloud federation? Google App Engine (often referred to by the acronym GAE or simply App Engine) is a cloud computing platform as a service for developing and hosting web applications in Google- managed data centers. Applications are sandboxed and run across multiple servers.
Cloud computing is all about renting computing services. This idea first came in the 1950s. In making cloud computing what it is today, five technologies played a vital role. These are distributed systems and its peripherals, virtualization, web 2.0, service orientation and utility computing ● Distributed Systems: It is a composition of multiple independent systems but all of them are depicted as a single entity to the users. The purpose of distributed systems is to share resources and also use them effectively and efficiently. Distributed systems possess characteristics such as scalability, concurrency, continuous availability, heterogeneity, and independence in failures. But the main problem with this system was that all the systems were required to be present at the same geographical location. Thus to solve this problem, distributed computing led to three more types of computing and they were-Mainframe computing, cluster computing, and grid computing. ● Mainframe computing: Mainframes which first came into existence in 1951 are highly powerful and reliable computing machines. These are responsible for handling large data such as massive input-output operations. Even today these are used for bulk processing tasks such as online transactions etc. These systems have almost no downtime with high fault tolerance. After distributed computing, these increased the processing capabilities of the system. But these were very expensive. To reduce this cost, cluster computing came as an alternative to mainframe technology. ● Cluster computing: In 1980s, cluster computing came as an alternative to mainframe computing. Each machine in the cluster was connected to each other by a network with high bandwidth. These were way cheaper than those mainframe systems. These were equally capable of high computations. Also, new nodes could easily be added to the cluster if it was required. Thus, the problem of the cost was solved to some extent but the problem related to geographical restrictions still pertained. To solve this, the concept of grid computing was introduced. ● Grid computing: In 1990s, the concept of grid computing was introduced. It means that different systems were placed at entirely different geographical locations and these all were connected via the internet.
These systems belonged to different organizations and thus the grid consisted of heterogeneous nodes. Although it solved some problems but new problems emerged as the distance between the nodes increased. The main problem which was encountered was the low availability of high bandwidth connectivity and with it other network associated issues. Thus. cloud computing is often referred to as “Successor of grid computing”. ● Virtualization: It was introduced nearly 40 years back. It refers to the process of creating a virtual layer over the hardware which allows the user to run multiple instances simultaneously on the hardware. It is a key technology used in cloud computing. It is the base on which major cloud computing services such as Amazon EC2, VMware vCloud, etc work on. Hardware virtualization is still one of the most common types of virtualization. ● Web 2.0: It is the interface through which the cloud computing services interact with the clients. It is because of Web 2.0 that we have interactive and dynamic web pages. It also increases flexibility among web pages. Popular examples of web 2.0 include Google Maps, Facebook, Twitter, etc. Needless to say, social media is possible because of this technology only. It gained major popularity in 2004. ● Service orientation: It acts as a reference model for cloud computing. It supports low-cost, flexible, and evolvable applications. Two important concepts were introduced in this computing model. These were Quality of Service (QoS) which also includes the SLA (Service Level Agreement) and Software as a Service (SaaS). ● Utility computing: It is a computing model that defines service provisioning techniques for services such as compute services along with other major services such as storage, infrastructure, etc which are provisioned on a pay-per-use basis.
12. (a) Describe in detail about the REST a software architecture style for distributed systems? REpresentational State Transfer (REST) is a software architectural style that defines the constraints to create web services. The web services that follows the REST architectural style is called RESTful Web Services. It differentiates between the computer system and web services. The REST architectural style describes the six barriers.
customer's data codes. Servers are not connected with the user interface or user status to make the server simpler and scalable. Servers and clients are independently replaced and developed until the interface is changed.
(b) Illustrate the migration steps and performance effects involved in live VM. The phases a particular VM undergoes during a migration to Google Cloud. Some phases are optional, and others are unavailable during cloud-to-cloud migrations. Full migration The full migration operation moves VMs in one step from source to target. In doing so, it:
A test clone creates clones of selected VMs to test them in Compute Engine. The test clone behaves like the live systems and leverages data from the source VM. However, test clones do not modify any live data because data from the test environment is not written back on-premises. Upon creating a test clone, Migrate for Compute Engine:
● - Automated provisioning ● - Single Sign On ● - Subscription based billing ● - High availability ● - Elastic Infrastructure ● - Data Security ● - Application Security ● - Rate limiting/QoS ● - Audit Multi-tenancy Model Multi-tenancy is a kind of software architecture in which a single deployment of a software application serves multiple customers. Each customer is called a tenant. Tenants may be given the ability to customize some parts of the application, now a days applications are designed in a such a way that per tenant, the storage area is segregated by having different database altogether or having a different sachems inside a single database or same database with discriminators. Automated Provisioning The users should be able to access the SaaS applications on the fly, which means the process of provisioning the users with the services needs to be automated. SaaS applications are typically used by B2B/B2C customers and this requirement demands creating companies/users just by invoking web services and provide the access credentials. Most of the SaaS applications provide this critical feature and a great example would be CREST API from Microsoft. Cloud Services Broker (CSB) platforms can automate this procedure to provide access to SaaS applications on demand basis. Another important characteristic is the de-provisioning ability - remove the access from the user/organizations whenever the customer decides not to use the Software as a Service applications. A good example for this is Salesforce, used by sales folks to manage the sales related operations. Typically, Salesforce tenant gets created for an organization with unique identification by invoking APIs of Saleforce. Another set of APIs are called to create users under the tenant and the access credentials are shared to user. Also delete API is called for when an organization decides to discontinue the application. Single Sign On An enterprise organization would want to have a single identity system in place in order to authenticate the various systems which are going to be consumed by users. Also, it is important for enterprises to have a single page to provide login credentials and access all Software as a Service applications provisioned to the respective users. So, Software as a Service applications should be easily integrated with various identity management systems without much change. It is also a big maintenance overhead for enterprises to store & maintain multiple credentials per system which are used by enterprise users. So it becomes important to enable Single Sign On for SaaS applications to authenticate against existing identity system and provide an experience of logging in once and use the various systems. Typically, Software as a Service applications use SAML or OpenID kind of impersonations to enable this critical piece. Also, another important factor is that the SaaS applications are multi-tenant, each tenant would want to authenticate against their own identity & access management system.
SaaS applications should be equipped with protection against vulnerabilities. Typically, they should be protected against OWASP/SAN identified vulnerabilities. Also, strong identity and access management controls should be enabled for SaaS applications. The other aspects that make the Software as a Service application secure are the following: ● Strong session management, protection against hijack the session ● Identifying unauthorized session, protection against multi-session etc. ● Usage of cookies not storing sensitive data, follow Cookie etc. ● Step-Up authentication like password lock out etc. ● Multi factor authentication ● Strong implementation on separation of duties ● Protection against DoS/DDoS ● Protection against buffer overflow attacks ● Also integration points open with CASB will help in gaining confidence of the customers. Rate Limiting/QoS Every business has preferred/important users apart from the regular list of users using the applications. These days, in order to provide better service to all class of customers, rate limiting is a good feature to have. The number of hits/ number of transaction can be technically limited to ensure the smooth business transactions. Also, SaaS applications can be enabled with Rate limiting/QoS configure-ability which helps organizations to manage their user base. Audit Generally SaaS applications are equipped with providing audit logs of business transactions and this enables customers to work out a business strategy by applying business intelligence plans. These services also should be able to comply with government regulations and internal policies. (b) (i) compare and contrast : public, private and hybrid cloud? The term cloud computing spans a range of classifications, types, and architecture models. This networked computing model has transformed how we work—you’re likely already using the cloud. But the cloud isn’t one thing—cloud computing can be categorized into three general types: ● Public cloud is cloud computing that’s delivered via the internet and shared across organizations. ● Private cloud is cloud computing that is dedicated solely to your organization. ● Hybrid cloud is any environment that uses both public and private clouds. This article looks at cloud computing at the highest level by: ● Defining cloud computing ● Exploring public, private, and hybrid cloud environments ● Sharing use cases and examples Public vs private vs hybrid cloud: At a glance
(ii) List the architectural design challenges in cloud computing? Introduction Cloud computing is an emerging technology and has many challenges in various aspects of information handling. Challenges in Cloud Computing