Xinyao Zhang 701765102
This paper introduces the definition and development history of cloud computing. After a general understanding of cloud computing, it introduces the comprehensive cloud computing security problems, following with the solutions for each problem. The next part is about the application of cloud computing, which provide several examples about the application. At the end of this paper, it concludes the whole paper of cloud computing. Cloud computing has a bright future.
I. Introduction of cloud computing
What is cloud computing?
This question may come first when people hear the phrase “cloud computing” for the first time. As NIST (The National Institute of Standards and Technology) defined, “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”1 To make it easier to understand, it is a tool based on the Internet that people can use the shared information and resources when they use different computers.
Cloud computing has becoming more and more popular recent years. It is not a mature technology, compare with the history of computer investment, it has a relatively short story. The beginning of the story can trace to the 1950s. To make good use of the expensive large-scale computer, a practice was made so that not only one user could get access to the computer at the same time. Then it came to the 1960s, as John McCarthy said, “Computation may someday be organized as a public utility.” As we see it now, this prediction finally comes true. In 1990s, computers were becoming more and more popular in families and companies. And scientists also focused on how to provide and improve the information-sharing platform to make people more convenient. From 2000, the cloud computing technology developed quicker. “In early 2008, Eucalyptus became the first open-source, AWS API-compatible platform for deploying private clouds. In the same year, in the framework of the IRMOS European Commission-funded project, Open Nebula resulted in a real-time cloud environment.”3 In 2011, IBM announced the IBM Smart Cloud framework to support Smarter Plane.4 The next year 2012, Oracle Corp. announced the Oracle Cloud.5 The cloud computing has developed a lot in the past 60 years, and it keeps developing days by days.
II. The comprehensive security of cloud computing
1. Cloud computing structures
There are three kinds of cloud structures: IaaS (Infrastructure as a Service), PaaS (Platform as a Service) and SaaS (Software as a Service). Each of them has different security problems. The following states some characters of these three structures:
1) IaaS is the base layer of cloud spectrum. In this layer, “you want to maintain control of your software environment, but you don't want to maintain any equipment. You will deal with storage, network and others.” 6
2) PaaS is a layer upon the IaaS but under SaaS. “PaaS gives your application developers hooks and tools to develop to that particular platform. Email is a good example of it.” 6
3) SaaS is the top layer of these three structures. “The provider figures out how many resources to devote to your use of the application. The provider figures out the servers, the virtual machines, the network equipment, everything. You just point your browser at it.” 6
These three kinds of structures have differences in securities methods and liability. SaaS needs the highest security requirement, so the cloud providers need to set up a whole security system to make sure the service security. They afford most of the security responsibility, but instead, it also limits the users creativity. On the contrary, IaaS gives users plenty of freedom to develop the computing environment, but it also