1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) 1644 assignment 2 (pass) FPT Greenwich
ASSIGNMENT BRIEF Qualification BTEC Level HND Diploma in Computing Unit number Unit 9: Cloud Computing Assignment title Cloud’s implementation and security threats Academic Year 2021 – 2022 Unit Tutor Ho Hai Van Issue date Submission date 19/10/2022 IV name and date Submission Format: Format: A presentation in Power Point format(about 25 pages) A security manual(in PDF format) You must use font Calibri size 12, set number of the pages and use multiple line spacing at 1.3 Margins must be: left: 1.25 cm; right: cm; top: cm and bottom: cm The reference follows Harvard referencing system Submission Students are compulsory to submit the assignment in due date and in a way requested by the Tutors The form of submission will be a soft copy posted on http://cms.greenwich.edu.vn/ Note: The Assignment must be your own work, and not copied by or from another student or from books etc If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you must reference your sources, using the Harvard style Make sure that you know how to reference properly, and that understand the guidelines on plagiarism If you not, you definitely get failed Unit Learning Outcomes: LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source tools LO4 Analyse the technical challenges for cloud applications and assess their risks Assignment Brief and Guidance: Task Base on the scenario and architecture design in the first assignment provide the implementation Because of the time constraint of the assignment, the implementation just provides some demo functions of the scenario The implementation includes two parts: • A presentation (about 25 pages) o which shows which functions are implemented o How to config, deploy and test the services (Web application, Database Server, Source code management, server logs ) using service provider’s frameworks and open source tools o Images for the built functions • The source code for the built application Task The table of contents in your security manual (which should be 500–700 words) should be as follows: Analysis of the most common problems of a cloud computing platform Possible solutions to these problems Analysis of the most common security issues in the cloud environment Discussion on how to overcome these issues Summary Learning Outcomes and Assessment Criteria Pass Merit Distinction LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source tools D2 Critically discuss how one can P5 Configure a Cloud Computing platform with a cloud service provider’s framework overcome these issues and constraints M3 Discuss the issues and constraints one can face during the development process P6 Implement a cloud platform using open source tools LO4 Analyse the technical challenges for cloud applications and assess their risks P7 Analyse the most common problems which arise in a Cloud Computing platform and discuss appropriate solutions to these problems P8 Assess the most common security issues in cloud environments M4 Discuss how to overcome these security issues when building a secure cloud platform D3 Critically discuss how an organisation should protect their data when they migrate to a cloud solution ❒ Summative Feedback: Grade: Signature & Date: ❒ Resubmission Feedback: Assessor Signature: Date: Table of Contents LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source tools P5 Configure a Cloud Computing platform with a cloud service provider’s framework & P6 Implement a cloud platform using open source tools P7 Analyse the most common problems which arise in a Cloud Computing platform and discuss appropriate solutions to these problems 22 Problems with CSP (cloud service provider) 22 The lack of experience, distrust of transition and abilities Shortfall 22 In cloud billing, the lack of automation 23 Inability to comply with legal obligations 24 Inability to deliver and maintain a cloud solution under one umbrella with various brands 25 Inability to stand out from the rivalry 26 Problems with CSC (cloud service consumer) 26 Downtime 26 Security and privacy 27 Attack threat 28 Broad oversight and versatility 28 Lock-in Vendor 28 Concerns on expense 29 The lack of experience, distrust of transition and abilities Shortfall 29 The lack of cloud billing automation 30 Power to comply with regulatory enforcement 31 Inability to deliver and maintain a cloud solution under one umbrella with various brands 31 Inability to stand out from the rivalry 31 Problems with CSC (cloud service consumer) 32 Best practices for minimizing planned downtime in a cloud environment 32 Good practices for reducing risks to protection and privacy 33 Best practices to reduce cloud attacks to benefit you 33 P8 Assess the most common security issues in cloud environments 35 Multiple cloud computing service models 35 Some opportunities and hurdles when implementing cloud services 36 Advantages: 36 Obstacles: 37 Classification in cloud computing: 37 Safety, Cloud Storage Data Safety: 38 Development trend of cloud computing: 40 Completion 41 References 42 LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source tools P5 Configure a Cloud Computing platform with a cloud service provider’s framework & P6 Implement a cloud platform using open source tools - First I’m create a folder to contain my project I’m using git to get my code that I was post on github After downloaded, all files are ready to go - I was downloaded composer code for the project It will helping me to control my code Copy env.example to a new env file that I will configuring env file to connect Heroku Cloud Services provider systems will cause problems in switching from one cloud platform to another, which may be equal to added costs and nuances of setup Gaps or compromises made during migration may also expose the data to additional flaws in security and privacy Concerns on expense It can be viewed as costly to implement cloud solutions on a small scale only for short-term initiatives In terms of IT cost savings, however, the most critical cloud computing advantage is More simplicity and lower hardware costs can be offered by pay-as-you-go cloud providers, but the average price tag could end up being higher than you anticipated If you are confident of what would fit well for you, playing with a range of offerings is a smart idea Cost calculators made available by providers such as Amazon Web Services and the Google Cloud Portal can also be included Possible answers to those questions Problems with CSP (cloud service provider) The lack of experience, distrust of transition and abilities Shortfall Recognize the different interests, expectations and desires of all workers and take an educated approach to the transition of employees' mindsets Build a Appropriate self-planning as well as team transformation-discuss whether the transition is Required and how it can be generated along with the consequences it can offer Have good contact beforehand, gather the best skills and competencies, outline how both business success and individual departments will benefit from technologically trained workers CXOs must now wholeheartedly embrace digitalization and experiment using powerful new instruments and cloud technologies They need to take time to think about them and the impact they can have on corporate operations and the quality of services The key thing of interest in order to exploit the cloud is that cloud computing service providers should first consider the best technologies they should have in place to ease enterprise cloud management The lack of cloud billing automation CSPs should figure out who has the right cloud billing approach that suits their expectations in order to solve cloud billing problems They should follow a versatile cloud subscription billing management framework after considering the pros and cons of a cloud billing software that can help them handle ongoing cloud billing and also assist them with minimal hassles in upselling and crossselling to their clients Create a framework that gives the visibility of your billing staff and your clients into service billing from a central location This will allow you to handle your billing efficiently, while accountability and self-sufficiency will be appreciated by clients Ultimately, you can tackle those cloud computing problems Power to comply with regulatory enforcement To maintain protection, enforcement is important In their offerings, CSPs can design security They should be more specific on what is permitted to go where, and under what kind of protection A CSP wants a cloud storage system that satisfies regulatory compliance for best consumer data security and enables CSPs to set permissions and stringent access controls for this purpose CSPs should ensure that, regardless of where it exists and with whom it is communicated, they have access and influence over the data Inability to deliver and maintain a cloud solution under one umbrella with various brands CSPs need an overarching architecture built to operate seamlessly from hardware to software in the multi-cloud world to meet this current collection of specifications CSPs can use an extensible architecture for the distribution of cloud applications that enables them to easily install new services with much fewer operating restrictions and efficiently interact with various systems and technologies Inability to stand out from the rivalry Second, create a basic and transparent product portfolio based on your customers' desires and then learn about branch-specific product portfolios in order to become more unique in the industry Pick a marketplace and product presentation site that helps you, under every price model, to sell anything and anything to your clients Problems with CSC (cloud service consumer) Best practices for minimizing planned downtime in a cloud environment - High-availability design services and emergency management in mind Use the multi-availability zones that cloud vendors include in your From utilities - If the services have a poor failure threshold, recommend multi-region implementations with automatic failover to ensure the best possible business continuity - Developing and executing a disaster recovery strategy that includes the lowest possible recovery time (RTO ) and recovery point targets (RPO) in compliance with the business goals - Expect the implementation of dedicated connections such as AWS Direct Link, Azure ExpressRoute or Dedicated Interconnect or Partner from Google Cloud Interconnect Link Such networks provide a dedicated network connection between you and the point of presence of the cloud provider This will decrease sensitivity to the possibility of public internet market disruption - On your Service Level Agreement ( SLA), read the fine print Will you have 99.9 percent uptime promised or even better? That 0.1% downtime is about 45 minutes a month, or about hours a year Good practices for reducing risks to protection and privacy - Important: Understand the mutual model of accountability of your Provider of clouds For what happens inside your network and in your product, you will always be accountable - Enforce security at all stages of the implementation - Know who should have access to each resource and facility and restrict access to the minimal right You will like their effect to be aslimited as possible if an employee goes wild and gets access to the deployment - Ensure that the talents of the staff are up to the challenge A brilliant report to learn how to minimize security and privacy issues in the cloud is the Top 10 Stuff Cybersecurity experts Need to Read - Take a risk-based approach to protecting cloud-based infrastructure and applying security to computers - Enforce multi-factor authentication on all confidential data or device control accounts - Encryption, cryptography, encryption Wherever you can comfortably win, turn on encryption on object storage such as Amazon S3 or Azure Blob Storage where consumer data mostly remains In July 2019, the simple act of turning on encryption on S3 may have stopped the Capital One data breach that leaked the knowledge of 100 million people Best practices to reduce cloud attacks to benefit you - Making defense a central component of all IT activities -Keeping ALL of the staff up to date on best practices in cloud protection - Ensuring that security protocols and practices are tested and revised periodically - Define information proactively and apply access management - Simplify regulatory controls by using cloud utilities such as AWS Inspector, AWS CloudWatch, AWS CloudTrail, and AWS Config - Avoid ex-filtration of results - Incorporate methods of detection and response into defense activities - Through audits, find rogue ventures - Delete keys to passwords from accounts that not have to log on to services - Check and rotate the keys and passwords for entry - In order to be aware of known threats, monitor security blogs and announcements.- Use best practices and compliance for any open source program that you are Of Used - Again, wherever and whenever possible, use encryption These activities will help the company track sensitive data disclosure and movement, secure critical networks from attack and compromise, and authenticate access to resources and data to safeguard against additional threats P8 Assess the most common security issues in cloud environments The business community is really involved in cloud computing This article offers some basic background on security and security, as well as the deployment of enterprises and businesses using cloud computing technologies General presentation on cloud computing Only in recent years has the term Cloud Computing emerged Amazon fostered Cloud Computing research and implementation in mid-2007 Shortly thereafter, cloud computing was forced to expand stronger and stronger with the inclusion of major corporations such as Microsoft , Google, IBM or Amazon … More and more enterprises are interested in creating software for cloud computing, such as Microsoft , Google, Intel, IBM, etc That has generated a huge application market Cloud networking, allowing people and companies who want to "cloud" their software and data more options In the future, cloud infrastructure growth will concentrate on three key issues, according to experts, including: interoperability (federated), automation (automated) and terminal identity client (aware ware) There are also new approaches to the automation of information technology that enable users to respond in a faster, more reliable and cost-effective way to user requests Related clouds will allow resources to be organized more easily, while endpoint-aware clouds will optimally take advantage of each device's specific features Multiple cloud computing service models In cloud infrastructure, all information technology-related possibilities are offered in the form of 'Services,' where consumers access technology services from a given provider "In the cloud," without being worried with the technology's server resources Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Application as a Service ( PaaS) are the three most basic frameworks widely found in cloud computing Some opportunities and hurdles when implementing cloud services Advantages: - Low investment costs: users require time and capital to develop plans, invest in facilities, spend equipment and management according to the conventional model to acquire facilities, machinery and human capital In the cloud computing model with the slogan "Pay as you use" (users only have to pay for what they have used), these problems can be addressed in the cloud computing model with the slogan "Pay as you use" (users only have to pay for what they have used) This expense is not minimal and it is often not used properly, for example, does not satisfy the demand or does not use maximum power during use - High processing speed, no longer reliant on the platform and geographical location: enables users to access and use the system anywhere and on any device (such as a PC or mobile device ) via web browser - Easy to extend and update: Customers only need to send a request to the service provider instead of needing to spend in new or revamped infrastructure , applications, management staff to expand or upgrade the system with cloud storage Obstacles: - Privacy: data about users and data stored on the cloud is not guaranteed to be confidential and can be used for other uses as well - Availability: cloud storage centers or network networks can have difficulties, causing cloud servers to "hang" suddenly, meaning that at some time periods, customers can not access their services and data - Data failure capability: some cloud online data storage systems suddenly stop operating or stop delivering services, including, for some reason, information in some situations The customer is missing and is unable to be recovered - Protection ability: the issue of concentrating data on the cloud is an affected wat to increase security, but on the other hand it is the concern of cloud computing services customers that all data can be taken over if the cloud is attacked or compromised Classification in cloud computing: Cloud computing can essentially be categorized as follows: - Public Cloud: public cloud software, computing and other services are made open to the public by an open service provider Those facilities are free of charge or paid for (pay-per-usage) by use User data in the public cloud will typically be maintained in the cloud and approved for maintenance by the service provider - Private Cloud: a cloud storage infrastructure that only exists with a single person, whether managed, stored internally (internal) or by an external third party Users will be assured of better data protection with the private cloud, which is ideal for users who have confidential data and need high privacy - Hybrid Cloud: a part of two or more clouds (private and public cloud) that remain the only organizations but unite them, offering the advantages of several models of implementation Companies and individuals can manage mistakes by using the "Hybrid cloud" architecture, paired with instant on-site usability without relying on an internet connection Safety, Cloud Storage Data Safety: In practice, protection is essential for the growth of cloud computing Many organisations and corporations have studied and provided many stable cloud computing applications at present A short description of some of the most recently released security models and cryptographic algorithms is given below Three-layer cloud infrastructure data security architecture Layer 1: A single-time password (OTP) authentication layer is a widely deployed method for users using cloud storage Highly secure networks can need both user and vendor authentication, but only one-way authentication for free cloud services (Figure 3) Layer 2: By an encryption algorithm, this layer guarantees data security (Data Encryption), data integrity (Data Integrity) and user privacy security (Private User Protection) Layer 3: User data layer for fast data recovery according to the speed of decryption The data security model uses VPN Cloud to ensure that the data on the channel is protected, to encrypt the path between private clouds with each other and between users, people use VPN cloud (VPN Cloud) The Cloud For organisations with high data protection requirements, the enterprise cloud computing model (Private Cloud Computing) is often preferred when implemented The communication between users and the cloud as well as the connection between private clouds would be secured and protected through the IPS specification by VPN Cloud Development trend of cloud computing: Recently, in addition to supplying companies with cloud infrastructure models and services, providers are seeking to bring their cloud technologies and services to developed countries' state administrative agencies Famous cloud providers such as Amazon EC2, Microsoft Azure, IBM have Smart Cloud Business, Google offers App Engine, Redhat offers Redhat's Openshift, VMware has Cloud Foundry, Vietnam's Information and Digital Content Industry Institute has iDragon Clouds Google Cloud, Redhat's Openshift, VMware Cloud Foundry, and NISCI iDragon Clouds are PaaS open source, allowing deployment on a lo lo lo lo According to several analysts, by 2020 , the number of public cloud users would reach billion It is estimated that about billion users typically use Microsoft Office, OpenOffice or LibreOffice, Microsoft Exchange or Sharepoint, IBM Lotus Notes in the world in 2012, and that everyone will migrate to the public cloud by 2020 Completion Cloud computing is increasingly evolving and expanding, and existing architectures will be steadily replaced in the near future by this technology The introduction of cloud computing has not only been applied for small to medium-sized businesses or sole customers, but for major enterprises and state agencies The concern is whether the use of cloud storage is always secure for the safety of users, honesty of records, confidentiality This is still a problem that in the future needs to be explored References [Accessed 18 October 2022] https://viettelidc.com.vn/tin-tuc/cloud-computing-la-gi-tat-tan-tat-nhung-dieu-ban-can-biet-ve-cloud-computing [Accessed 18 October 2022] https://en.wikipedia.org/wiki/Cloud_computing [Accessed 18 October 2022]https://azure.microsoft.com/enus/resources/cloud-computing-dictionary/what-is-cloud-computing/ https://gcore.com/cloud/?utm_source=google&utm_medium=cpc&utm_content=network|g|position||ad_id|53830373061 7|ad_name||group_name|cloud_computing|match_type|b|placement||keyword|cloud%20computing%20services|device _type|c|device||placement_category|&utm_term=cloud%20computing%20services&utm_campaign=google_cpc_cloud_ge neral_apac_search_desktop&gclid=Cj0KCQjwnbmaBhD-ARIsAGTPcfWoaHr-DAKBaGJpzUScPVOyAPKhOART-0Zuclkv6jpid-99ywXrP4aAlyZEALw_wcB [Accessed 18 October 2022] https://www.thegioimaychu.vn/blog/tag/cloud-computing/ [Accessed 18 October 2022] https://www.zdnet.com/article/what-is-cloud-computing-everything-you-need-to-know-about-the-cloud/ [Accessed 18 October 2022] https://aws.amazon.com/vi/free/?all-free-tier.sort-by=item.additionalFields.SortRank&all-free-tier.sortorder=asc&awsf.Free%20Tier%20Types=*all&awsf.Free%20Tier%20Categories=categories%23compute&trk=5a2de2ea-60f84022-bf9fc1080f0f7564&sc_channel=ps&s_kwcid=AL!4422!3!379978639332!p!!g!!cloud%20computing&ef_id=Cj0KCQjwnbmaBhDARIsAGTPcfWRuz8tUlg1TKbd7ALbVBzLPUGYPrBd2ZjB1pBIoYHvUQbveEXcL_QaAuIzEALw_wcB:G:s&s_kwcid=AL!4422!3!3799 78639332!p!!g!!cloud%20computing[Accessed 18 October 2022]