unit-ii : virtualization & common standards in cloud … · 2. open virtualization format open...
TRANSCRIPT
Cloud Computing
UNIT-II :
VIRTUALIZATION & COMMON STANDARDS IN CLOUD
COMPUTINGProf. S. S. KasualyeDepartment of Information TechnologySanjivani College of Engineering, Kopargaon
Common Standards
1. Open Cloud Consortium
The Open Commons/Cloud Consortium (OCC) is a not for profit
that manages and operates cloud computing and data commons
infrastructure to support scientific, medical, health care and
environmental research.
1. Open Cloud Consortium (continue…)
The Open Cloud Consortium (OCC) supports:
1. the development of standards for cloud computing and frameworks for interoperating between clouds;
2. supports the development of benchmarks for cloud computing;
3. supports open source software for cloud computing;
4. manages a testbed for cloud computing called the Open Cloud Testbed; sponsors workshops and other events related to cloud computing.
1. Open Cloud Consortium (continue…)
The OCC members:
1. Companies: Aerospace, Booz Allen Hamilton, Cisco, InfoBlox,
Open Data Group, Raytheon, Yahoo
2. Universities: CalIT2, Johns Hopkins, MIT Lincoln Lab,
Northwestern Univ., University of Illinois at Chicago,
University of Chicago
3. Government agencies: NASA
1. Open Cloud Consortium (continue…)
The OCC Mission
1. Manage storage and data commons infrastructure, such as the Open Science Data Cloud Public Data Commons, the Environmental Data Commons, the BloodPAC Commons, the Biomedical Data Commons, and various contract-specific commons.
2. Provide a governance framework to align various stakeholders in the success of a Data Commons.
3. Provide index, metadata, transfer and other value services supporting data commons activities.
4. Manage cloud computing infrastructure such as the Open Science Data Cloud, to support scientific, environmental, medical and health care research.
1. Open Cloud Consortium (continue…)
5. Manage cloud computing testbeds, such as the Open Cloud Testbed, to improve cloud computing software and services.
6. Develop reference implementations, benchmarks and standards, such as the MalStone Benchmark, to improve the state of the art of cloud computing.
7. Sponsor workshops and other events related to cloud computing and data commons to educate the community.
2. Open Virtualization Format
Open Virtualization Format (OVF) is an open standard for
packaging and distributing virtual appliances or, more generally,
software to be run in virtual machines.
An OVF package contains multiple files in a single directory.
The directory always contains an Extensible Markup Language
(XML) file called the OVF descriptor with the name, hardware
requirements, and references to other files in the package.
2. Open Virtualization Format (continue…)
In addition, the OVF package typically contains a network
description, a list of virtual hardware, virtual drives, certificate
files, information about the operating system (OS) and in some
cases, a human-readable description of every information item.
2. Open Virtualization Format (continue…)
The OVF specification defines two specific ways of grouping files:
1. OVF Package
– An OVF package is a group of files required for importing the virtual
machine, and are generally found in a single folder. This is the
minimum requirement of the specification.
2. OVA Package
– An Open Virtualization Appliance (OVA) package is a single file archive of
the .ovf file, .vhd file, .mf file and, if applicable, the .cert file. The OVF
specification requires an archive to be in the TapeARchive (TAR) format.
2. Open Virtualization Format (continue…)
Features of OVF include:
Support for Content Verification: OVF supports integrity checking and the verification of content depending on the industry-standard public key infrastructure. It also provides a strategy for management and software licensing.
Validation Support: While installing the virtual machine life cycle management process, OVF supports the validation of every single virtual machine and the complete package. Detailed user-readable descriptive information is also provided with every package.
2. Open Virtualization Format (continue…)
Features of OVF include:
Support for Single and Multiple Virtual Machine (VM) Configurations: OVF supports both standard single VM packages and complex multitier package services that include multiple interdependent VMs.
Extensibility: OVF is designed to be extensible, and can support new technological advancements.
Enables Portable Packaging: Because the OVF is platform-independent, it allows for platform-specific enhancements.
Vendor and Platform Independence: OVF is independent of a specific host platform, virtualization platform, or guest operating system.
3. Standards for Application Developers
1. Browsers (AJAX) :
– Ajax (Asynchronous JavaScript And XML) is a set of Web
development techniques on the client side to create
asynchronous Web applications.
– Web application communicates with a server in the
background, without interfering with the current state of the
page.
3. Standards for Application Developers
Following technologies are incorporated:
1. HTML (or XHTML) and CSS for presentation
2. The Document Object Model (DOM) for dynamic display of and interaction with data
3. JSON or XML for the interchange of data, and XSLT for its manipulation
4. The XMLHttpRequest object for asynchronous communication
5. JavaScript to bring these technologies together
3. Standards for Application Developers
2. JASON (JavaScript Object Notation) :
– Douglas Crockford originally specified the JSON format in the
early 2000 which is a lightweight data-interchange format.
– It is based on a subset of the JavaScript Programming Language
– It is a very common data format used for asynchronous
browser–server communication, including as a replacement
for XML in some AJAX-style.
2. JASON (continue) :
A possible JSON representation describing a person.
3. Standards for Application Developers
3. Solution Stack :
– Solution stack or software stack is a set of software subsystems
or components needed to create a complete platform without
any additional software support.
– Applications are said to "run on" or "run on top of" the
resulting platform.
– Ex. To develop web application the stack can be target OS, web
server, database, and programming language.
3. Standards for Application Developers
3. Solution Stack :
– Solution stack or software stack is a set of software subsystems
or components needed to create a complete platform without
any additional software support.
– Applications are said to "run on" or "run on top of" the
resulting platform.
– Ex. To develop web application the stack can be target OS, web
server, database, and programming language.
3. Standards for Application Developers
3. Solution Stack (continue…) :
– LAMP
– It is model of web service stacks, named as an acronym of its
four open-source components: the Linux operating system, the
Apache HTTP Server, the MySQL relational database
management system (RDBMS), and the PHP programming
language.
3. Standards for Application Developers
3. Solution Stack (continue…) :
– LAMP components are largely interchangeable and not limited
to the original selection.
– As a solution stack, LAMP is suitable for building dynamic web
sites and web applications
3. Standards for Application Developers
3. Solution Stack (continue…) :
– LAPP
– The LAPP stack is an open source web platform that can be
used to run dynamic web sites and servers.
– It is considered as a powerful alternative to LAMP stack.
– It includes Linux, Apache, PostgreSQL (instead of MySQL) and
PHP, Python and Perl.
3. Standards for Application Developers
3. Syndication (Atom, Atom Publishing Protocol, and RSS)
– A group of people or companies who join together in order to
share the cost of a particular business operation for which a
large amount of money is needed.
– The name Atom is related to pair of related Web standards.
The Atom Syndication Format is an XML language used for web
feeds.
– Atom Publishing Protocol (AtomPub or APP) is a simple HTTP-
based protocol for creating and updating web resources
3. Standards for Application Developers
3. Syndication (Atom, Atom Publishing Protocol, and RSS)
– RSS is a family of Web feed formats used to publish updated
content such as blog entries, news headlines or podcasts.
– An RSS document, which is called a "feed," "web feed," or
"channel," contains either a summary of content from an
associated web site or the full text.
– RSS makes checking website automated.
3. Standards for Application Developers
3. Standards for Application Developers
4. RSS (Really Simple Syndication)
– Syndication: Transfer of something for control or management
by a group of individuals or organizations.
– Versions of Web content syndication:
•RDF Site Summary (RSS 0.9, RSS 1.0)
•Rich Site Summary (RSS 0.91, RSS 1.0)
•Really Simple Syndication (RSS 2.0)
– It represents the standardized web feed syndication.
Originally developed by Netscape
3. Standards for Application Developers
4. RSS (continue...)
– It is a type of web feed which allows users to access updates to
online content in a standardized, computer-readable format.
– RSS is an XML-based format and used in different ways for
content distribution.
– Its most widespread usage is in distributing news headlines on
the Web.
3. Standards for Application Developers
4. RSS (continue...)
– There are many RSS readers that offer a free version and an
upgraded version. Here are a few popular readers:
• Feedly for web, iOS, Android
• Panda is a Chrome extension, web, iOS
• Reeder 3 for Mac and iOS
• Feeder for Android, Chrome, and iOS
• Feedreader for Windows
3. Standards for Application Developers
4. RSS (continue...)
– There are millions of RSS feeds worldwide that can be
subscribed.
– CNN RSS
– NFL football news feeds
– BBC news feeds
– Hurricane Watch news feeds
– BBC
– TechCrunch
– Wired RSS feeds
4. Security Standards
1. SAS 70 (Statement on Auditing Standards No. 70)
– Most commonly adopted security standard.
– Roughly 67% of cloud service providers follow SAS 70
– Internationally recognized auditing standard developed by the
American Institute of Certified Public Accountants (AICPA).
– Defines standards an auditor must employ in order to assess
the contracted internal controls
4. Security Standards
2. PCI DSS (Payment Card Industry Data Security Standard)
– 42% of cloud service providers follow the PCI DSS standard.
– Global security standard that applies to all organizations
which hold, process or exchange credit card or credit card
holder information.
– This standard was created to give the payment card industry
increased controls around data and to ensure it is not exposed.
– It is also designed to ensure that consumers are not exposed to
potential financial or identity fraud and theft when using a
4. Security Standards
3. ISO 27001
– 33% of cloud service providers adhere to ISO 27001, published
in 2005.
– It is specification for an Information Security Management
System (ISMS).
– The objective of ISO 27001 is to provide a model for
establishing, implementing, operating, monitoring, reviewing,
maintaining and improving ISMS.
4. Security Standards
3. ISO 27001 (continue...)
– ISMS is a framework of policies and procedures that includes
all legal, physical and technical controls involved in an
organization's information risk management processes.
4. Security Standards
4. NIST (National Institute of Standards and Technology)
– Originally designed for federal agencies, emphasize the
importance of security controls and how to implement them.
– The NIST standards specifically designed for government, but
have recently been adopted by the private sector as well.
– NIST covers what should be included in an IT security policy
and what can be done to boost security, how to manage a
secure environment, and applying a risk management
framework.
– 25% of cloud service providers adhere to NIST standards.