Pravin Karthick Ravichandran Santhosh Keerthi Balmuri School of Technology Malmo University SE-205 06-Malmo Sweden Master Thesis Computer Science August 2011


This thesis is submitted to the School of Technology at Malmö University in partial fulfillment of the requirements for the degree of Master of Science in Computer Science. The thesis is equivalent to 20 weeks of full time studies.

Contact Information:

Author(s):
Pravin Karthick RaviChandran
Santhosh Keerthi Balmuri

University Advisor:
Annabella Loconsole
School of Technology

External Advisor(s):
Swedish Armed Forces (SWAF), Enköping
Dan Ahlström
Ross W Tsagalidis

University Examiner:
Jan Persson
School of Technology

Malmo University
SE-205 06, Malmo
Sweden

Phone: +46 (0) 40 - 665 70 00
Internet: http://www.mah.se/english/Schools-and-faculties/School-of-Technology/

ABSTRACT

Cloud Computing (CC) is one of the fast growing computer network technologies, and many companies offer their services through cloud networks. Cloud Computing has many properties with respect to the existing traditional service provisions, like scalability, availability, fault tolerance, capability and so on, which are supported by many IT companies like Google, Amazon and Salesforce.com. These IT companies have more chances to adapt their services into a new environment, known as Cloud computing systems. There are many cloud computing services which are being provided by many IT companies.

The purpose of this thesis is to investigate which cloud environment (public, private and hybrid) and services (Infrastructure as a Service, Software as a Service, and Platform as a Service) are suitable for the Swedish Armed Forces (SWAF) with respect to performance, security, cost, flexibility and functionality. SWAF is using a private (internal) cloud for communications, where both sensitive and non-sensitive information are located in the internal cloud. There are problems like maintenance of hardware, cost issues and secure communication while maintaining the private cloud. In order to overcome those problems we have suggested a hybrid and community cloud environment and SaaS, IaaS, PaaS services for SWAF.

For suggesting these cloud environments and cloud services we have performed a literature study and two empirical studies (survey and interviews) with different organizations.

A new cloud model is designed based on the suggested cloud environment, separate storage spaces for sensitive and non-sensitive information, suitable services and an effective infrastructure for sharing the internal information for SWAF.

Keywords: Cloud computing, private cloud, public cloud, hybrid cloud, Infrastructure as a Service (IaaS), Software as a Service (SaaS), Platform as a Service (PaaS), and VPN.

ACKNOWLEDGEMENT

First of all we thank holy God, who showered their blessing on us. We would also like to express our heartiest gratitude to our academic supervisor, Senior Lecturer Annabella Loconsole at the Computer Science Department of Malmö University, for the invaluable insights, motivation and guidance throughout the thesis work. We must be thankful for her suggestions, comments and the way of supervision that led us to present our thesis at Malmö University, 2011. We would also thank Dan Ahlström and Ross W Tsagalidis from the Swedish Armed Forces (SWAF) for giving us an opportunity to work on this interesting as well as challenging topic under their keen guidance and support through the end of this thesis work.

I, Santhosh Keerthi Balmuri, would be very thankful to my father B.Kamalakar Rao, mother B.Jyothi and my sisters B.Sandeepthi, J.Mounika for supporting me throughout my career. Finally I thank my lovely husband Ashok Nimmala, who had encouraged and supported me in my thesis work during the Master's Programme.

I, Pravin Karthick Ravichandran, would like to thank my mother Vijayalakshmy RaviChandran and my sister Ind Pradha RaviChandran for supporting me all through the years. I also thank all my friends for influencing me in a positive way towards my education.

CONTENTS

ABSTRACT
ACKNOWLEDGEMENT
ABBREVIATIONS
LIST OF TABLES
LIST OF FIGURES

1 INTRODUCTION
1.1 Problem Description
1.2 Related Work
1.3 Objective
1.4 Motivation
1.5 Research Questions
1.6 Expected Results
1.7 Contribution of our work
1.8 Outline of Thesis

2 CONTEXT OF THE MASTER THESIS PROJECT
2.1 About SWAF
    2.1.1 Product
    2.1.2 Process
    2.1.3 Practices
    2.1.4 People
    2.1.5 Organization
2.2 Selection of Topic
2.3 Problems in the Present Environment
2.4 Requirements of SWAF

3 THEORETICAL BACKGROUND
3.1 Introduction to Cloud Computing
    3.1.1 Definitions of cloud computing
    3.1.2 Public cloud
    3.1.3 Private cloud
    3.1.4 Hybrid cloud
    3.1.5 Community cloud
3.2 VPN tunnels
3.3 Cloud services
    3.3.1 IaaS
    3.3.2 PaaS
    3.3.3 SaaS
    3.3.4 Properties of cloud services
    3.3.5 Benefits of Cloud computing services
3.4 Comparison of cloud environments
    3.4.1 Definition of requirements
    3.4.2 Comparison of the cloud environments with the requirements
3.5 Benefits of cloud computing
3.6 Limitation of cloud computing
3.7 Source Selections
3.8 Summary of Literature Study

4 RESEARCH METHODOLOGY
4.1 Research Design
4.2 Survey process
    4.2.1 Survey objective
    4.2.2 Survey preparation
    4.2.3 Survey participants
    4.2.4 Execution
4.3 Interview process
    4.3.1 Interview objective
    4.3.2 Interview preparation
    4.3.3 Interview participants
    4.3.4 Execution
4.4 Instruments used for survey and interview
4.5 Threats to validity

5 RESULTS OF THE EMPIRICAL STUDY
5.1 Results of the survey
    5.1.1 Summary of the survey
5.2 Results of Interview study
    5.2.1 Summary of the interview
5.3 Discussion
    5.3.1 Discussion of Qualitative and Quantitative data
    5.3.2 Discussion of survey and interview
    5.3.3 Suggesting the cloud environment

6 PROPOSED MODEL FROM THE ACHIEVED RESULTS
6.1 Inputs used for designing the new cloud model
6.2 Model design
6.3 Analysis of design model
6.4 Suggestion given by SWAF

7 CONCLUSION AND FUTURE WORK
7.1 Summary
7.2 Answering the research questions
7.3 Future work

References
Appendix 1
Appendix 2

ABBREVIATIONS

IT - Information Technology
SWAF - SWedish Armed Forces (Försvarsmakten)
FMKE - FörsvarsMaktens enhet för Konceptutveckling (Armed Forces Unit for concept development)
CC - Cloud Computing
IaaS - Infrastructure as a Service
PaaS - Platform as a Service
SaaS - Software as a Service
VPN - Virtual Private Network
VINCI - Virtual Interacting Network CommunIty
ICT - Information and Communication Technology infrastructure
SOAP - Simple Object Access Protocol
REST - Representational State Transfer
XML - eXtensible Markup Language
PHP - Hypertext Preprocessor
HTTP - HyperText Transfer Protocol

LIST OF TABLES

Table 1: Classification of Requirements/Problem/Motivation
Table 2: Comparison between Traditional software and software as a service
Table 3: Properties and different cloud computing service providers
Table 4: Comparison of cloud environments
Table 5: Mapping of Research Process and Research Methodology
Table 6: Instruments used in our research
Table 7: Employees working on CC in the organizations
Table 8: Values for the factors according to the rank scale
Table 9: Interview Results
Table 10: Comparison of the results of Survey and Interview
Table 11: Comparing the requirements of SWAF with empirical study

LIST OF FIGURES

Figure 1: Basic block Diagram for Cloud Computing Environments and Services
Figure 2: Companies providing Cloud Computing Services
Figure 3: Useful of different Clouds with the services
Figure 4: Research Methodology
Figure 5: Excerpt of the online survey
Figure 6: Rating the reasons for shifting to CC
Figure 7: Usage of Cloud Environments
Figure 8: Priority of cloud environments
Figure 9: Rating for the factors of public cloud
Figure 10: Rating for the factors of private cloud
Figure 11: Rating for the factors of hybrid cloud
Figure 12: Usage of Cloud Service Models
Figure 13: Rating for IT Services/Applications to be outsourced by Cloud Providers
Figure 14: Proposed Cloud model

CHAPTER 1

INTRODUCTION

Cloud computing is internet-based computing, where users can share resources, information and software. The recent development of Cloud Computing provides a motivation for organizations to outsource their Information and Communication Technology infrastructure (ICT). The data centers required for Cloud Computing are growing exponentially. This work describes how large scale organizations like the SWedish Armed Forces (SWAF) can use cloud computing effectively, by suggesting to them the services and cloud environments with respect to performance, security, cost, flexibility and functionality.

1.1 Problem Description

Cloud Computing plays a vital role in most internet based technologies, where we need secure transmission of data. Cloud Computing is changing the IT architectural solutions which are put forward by means of data storage, local networks and software. In cloud computing technology, it is a challenge to manage security issues, high performance and to have different functionalities for cloud environments. It is also a challenge to provide a cloud service with high security, affordable cost, and high performance. Furthermore, an important decision is which type of cloud environment could be used (internal, external, hybrid, or community cloud environment) [14].

SWAF is currently using a private cloud environment, where the same infrastructures, platforms and software are placed in all the centers (e.g. Stockholm, Malmö, Enköping, etc.) of SWAF. This leads to several processors, servers, security and network communication having to be maintained by SWAF, thus resulting in high cost. In order to overcome these issues, we are going to suggest a suitable cloud environment with respect to cost, security, performance, flexibility and functionality. In this work, we also propose a design of a cloud model for SWAF, which can also be used by other large scale organizations. With this new model, data and applications in SWAF can be managed and maintained securely with better performance and functionality.

SWAF is also handling several problems like troubleshooting software, extending the license of the product, hiring more employees to recover the technical problems, etc. caused by the internal cloud services. To maintain and manage these services, SWAF needs to have more funding and increased man power. In order to overcome these issues we have done a literature and empirical study on different cloud environments (public, private and hybrid cloud) and cloud services (Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS)) and described different cloud service providers with respect to their properties. In this way, SWAF can consider one or more services to be outsourced from cloud service providers. The services could be maintained and managed by the cloud providers securely.

1.2 Related work

Much of the focus in this report was the study of different cloud environments such as public cloud, private cloud and hybrid cloud. Ruan Gaofeng [16] tells how public cloud computing infrastructure could be used at low cost (one of the factors used to suggest the cloud environment), with low technical barriers and high diversity with multimedia technology. Lori M. Kaufman [17] explained the security and privacy issues of public cloud and mentioned that, in order to thwart attacks in public clouds, many organizations ultimately need to move the traditional perimeter security approaches to the private virtual machines. Alexandra Loosup et al. [55] state that Cloud computing services were designed to replace the small-to-medium size enterprise data centers; performance wise, workloads often require High-Performance Computing (HPC) or High-Throughput Computing (HTC) capabilities. Another report on private cloud is described in [21], in which Jingyu Ding proposed a framework of data center consolidation by comparing the different VPN (Virtual Private Network) implementation technologies. For national security purposes, Anya Kim et al. [2] had proposed a national security hybrid cloud architecture that consists of private cloud, public cloud and community cloud. Sang-Ho Na [22] proposed a generalized security framework for hybrid cloud computing using a hybrid cloud model. A hybrid cloud is composed of online storage (a reliable and secure place to store data), online desktop (access anywhere we can connect to the Internet) and web based applications (like Google docs) for fast processing and to free up resources when needed.

While designing a new cloud model, the main constraint is the placing of the database in a particular layer of the data model. In general, there are three levels of data modeling: the conceptual data model (identifies the highest-level relationships between the different entities), the logical data model (includes all entities and relationships among them), and the physical data model (represents how the model will be built in the database and shows all table structures, including column name, column data type, column constraints, primary key, foreign key, and relationships between tables) [78]. Lomet [57] has proposed an approach where the storing of data in the database is done with two layers, called the "transactional component" (works at the logical level) and the "data component" (works at the physical level). These two components support a record oriented interface that provides atomic operations. Separating Transactional component functionality from Data component functionality enables cloud platforms to support transactions with much greater flexibility. Another report presented by Hassan Takabi et al. [3] gives an overview of cloud computing and its features with their security implications. They discussed some of the security threats and proposed a security framework for cloud computing environments.

Ramgovind et al. [1] describe the different types of clouds, services (IaaS, SaaS, PaaS) and the security concerns that should be properly addressed and managed. By comparing the cloud models and delivery models with respect to cost, performance, functionality and security requirements, the vendors and organizations become more confident in promoting a highly protected safe cloud framework. Zhibin Chen et al. [4] have discussed security issues and defined a solution to encrypt the data and make it secured. Rather than acquiring and managing its own physical infrastructure, a community defines a virtual Information and Communication Technology (ICT) infrastructure, by instantiating and interconnecting virtual machines (VMs) defined from a small set of standards. While using internal cloud services of the organization, servers and memory systems are almost always purchased to meet projected capacity needs, not current needs. As a result, an ample percentage of acquired resources are always wasted until the company grows into them [56]. Instead, outsourcing infrastructure enables IT departments to focus on strategic ideas that add value and create competitive advantage, rather than getting delayed in the daily details of managing servers. As a result this provides greater flexibility while outsourcing the services.

In the above related literature, the authors explained a specific cloud environment with a specific factor, and the framework developed in a particular cloud environment. In this thesis, cloud environments and cloud services will be explained with all the factors such as cost, security, performance, functionality and flexibility. Based on this description we will decide the suitable cloud environment for SWAF.

1.3 Objective

The main goal of our project is to suggest a suitable cloud environment and services for a large scale organization (here we have chosen the SWedish Armed Forces (SWAF)) by considering the requirements (performance, security, cost, flexibility and functionality) given by SWAF, and to do a detailed study on cloud environments and cloud services.

Sub goal 1: Suggest a suitable cloud environment (Public cloud, Private cloud and Hybrid cloud).

Sub goal 2: Suggest the suitable cloud services (IaaS, PaaS, and SaaS).

Sub goal 3: Propose a new cloud model to substitute the existing model, after identifying the above cloud environments and services.

1.4 Motivation

SWAF needs a suitable cloud environment and a model to implement this cloud environment. By doing this research we would propose a secure computing environment by considering all the requirements for a large amount of computing and storage data for SWAF.

1.5 Research Questions

RQ 1: Which environment (public cloud, private cloud and hybrid cloud) would be suitable for SWAF with respect to performance, security, cost, flexibility and functionality?

RQ 2: How could the services Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) be used, and how could these services be firmly integrated with the suggested cloud environment by SWAF?

[Note: RQ1 and RQ2 above are suggested by SWAF; apart from that we will also make a study on other cloud environments.]

1.6 Expected Results

The expected results of our research will be a suitable cloud environment and cloud services that will be suggested to SWAF. This solution will be derived by performing the literature study and empirical study (from survey and interview). After analyzing the statistical results of the empirical study, the literature study and the requirements from SWAF, a proposal of a cloud model for SWAF will be designed to satisfy the requirements of affordable cost, greater performance, higher flexibility and functionality.

1.7 Contribution

During this thesis we made our contribution:

- By presenting a literature study (section 3.8) on various cloud environments and services, so that large organizations like SWAF can be aware of those concepts. This study helped us to integrate the findings for designing the new cloud model. During our literature study we had a sufficient number of articles, which motivated us to do our literature work. From that we have gathered a lot of information about cloud environments, services, applications, service providers, cloud architecture and cloud management. Among several articles we have found one article discussing the cloud environment related to defense. To be specific, the article on "Security and Architectural Issues for National Security Cloud Computing" [2] tells how cloud computing can be used for large organizations by having a secure hybrid cloud architecture that consists of private cloud, public cloud and community cloud. But here in our research we have studied cloud environments, cloud services, service providers and the security requirements; we have also compared all the different environments and services related to the given requirements with suitable examples.

- By doing the survey and interview we will identify the suitable cloud environment and cloud services; this also answers the first research question. Several surveys and interviews have been taken on cloud computing in order to manage cloud environments, cloud services and other services. But there is no survey/interview which contains information about the usage of cloud environments, the reason for shifting to a cloud environment from the existing environment, the priority of choosing Cloud Environments, the selection of the SPI (Software, Platform, and Infrastructure) model and the outsourcing of IT services/applications. All the above mentioned information is discussed in our empirical study. This gives a suitable solution to choose the cloud environment and services with respect to performance, security, cost, functionality and flexibility for SWAF. This empirical study can also be applied to other organizations, whether or not they use cloud computing.

- By presenting the possible solution to the problem given by SWAF. After making it clear, they can make use of the suggested cloud environment and services at their place. This solution can also be used by other large scale organizations that are planning to shift their current environment into the cloud.

- By presenting a new cloud model, which provides a possible solution to a problem related to the research question. We can also use this proposed cloud model for other large scale organizations that have the same or fewer requirements than SWAF.

1.8 Outline of Thesis

Chapter 2 describes the context of the master thesis project, the problems in the present environment and the requirements/inputs given by SWAF.

Chapter 3 describes the theoretical background of CC, and the different kinds of cloud environments and services. We also describe the benefits and limitations of CC, and the different cloud environments are compared to each other.

Chapter 4 explains the research methodology used in this thesis and the reason why those specific research methods were selected. The processes of survey and interview are also explained.

Chapter 5 explains the results of the survey and interviews which we conducted with several organizations, followed by the analysis of the results and a suggestion of a suitable cloud environment.

Chapter 6 describes the specifications and analysis of the model designed in the suggested cloud environment. It also discusses the suggestions given by SWAF for improving the designed model.

Chapter 7 presents the conclusion, results and future work of our research thesis.

CHAPTER 2

CONTEXT OF THE MASTER THESIS PROJECT

The first part of this chapter contains general information about the company and their contexts. The second part describes the research work done at the organization and about how the thesis topic has been selected. The third part describes the problems in the present environment. The fourth part describes the requirements given by SWAF.

2.1 About SWAF

Cloud computing is a vast area, used at profit/non-profit organizations, government, health care, defense, hospitals and businesses, and for commercial (iCloud) use to store music, videos, photos, applications and documents. Among those places defense is a fascinating area, where SWAF officials are looking to move away from its decentralized network of computer servers and data centers into "cloud computing". Doing this research for SWAF will also help other large scale organizations make use of it.

The SWedish Armed Forces (SWAF) is a Swedish government agency, responsible for the operation of the armed forces of the realm; they are one of the biggest authorities in Sweden and are headed by a supreme commander [40]. SWAF is allocated an annual budget of about SEK 40 billion to perform its responsibilities. Around half of this goes to unit operations and the rest to research, development and the purchasing of new materials systems [41]. FMKE (FörsvarsMaktens enhet för konceptutveckling) is located at the Armed Forces development center in Enköping but receives its assignments directly from the Headquarters. The company details of SWAF are explained in the following sub sections, following the guidelines from [81].

2.1.1 Product

Product is the software system developed with the help of the object study. In SWAF, there is no in-house development process. They just buy and outsource the software and services from different service providers.

2.1.2 Process

SWAF is a large scale organization, where several processes are undertaken and dispatched by themselves. The authors of this report have been informed about the existing cloud environment, while they have not been informed about the cloud model used at the company because of security reasons. Currently the company makes use of a private cloud for telephony calls, emails, and several different software systems to communicate with their peer users. They are maintaining and managing all the services inside their organization.

SWAF is maintaining and managing some of the services (like logistics, payroll, human resources, supply chain management, accounting and finance, installation of needed licensed software) internally. Because of maintaining/managing the larger infrastructure inside their organization, they have some problems in terms of cost, man power (with more technical support) and flexibility. Although the services are provided by service providers, SWAF will have their own security features. Now, all the information has been placed within the firewalls. The logistics is maintained by a separate branch of technicians. At present, all the services have been centralized (maintenance and installations) by SWAF in the internal cloud.

2.1.3 Practices

The practices context describes the systematic approaches that are used in the organization, and also the tools and techniques which are used for development. SWAF does not develop software or use CASE tools, practices, and techniques in their organization.

2.1.4 People

There are about 20000 employees working in the Swedish Armed Forces, and their units consist of 500-1000 people, of which about 75 plus employees work with IT administration. SWAF has many camps, canton and branches in Afghanistan, Kosovo and other countries (names are not specified because of some security reasons); the work of IT administration with these countries is telecommunication and exchanging data. They manipulate all this data through the internal cloud.

2.1.5 Organization

The organization model describes how the company is organized. SWAF works in several units, like the Mechanized unit, Cavalry unit, Artillery unit, Air defense unit, Command and Control unit, Engineer unit, Logistics unit and CBRN units, where all these units are connected to IT administration for different kinds of work. All these units are operated both in Sweden and abroad.

2.2 Selection of Topic

On three occasions we interviewed the external supervisor of SWAF at Malmo University. In the first interview we discussed the primary tasks of SWAF, and the interviewee told us how they organize, train, and deploy military forces, domestically and internationally. The interviewee described the different research projects in which SWAF is involved. SWAF was undertaking research under different topics like Communication Security, Virtualization, Mobility, Web Security, IAM-AC (Identification Authentication Management, Access Control), MMI/MCI (Man-Machine/Computer Interaction), Password Management, Automation, Logging, Market analysis, Security Management, INFO War, Data media UPS (Uninterruptible power supply), Cloud Computing, Risk Management, Cyber Security, Social media, Interoperability, Awareness, Information assessment, Information Quality, IT administration, Security Architecture/Design, Communication between security domains, Business Intelligence and more.

Another ongoing project is PRIO by IBM. With this project they can maintain working time, payments, travelling etc. For these services SWAF will be getting the applications, infrastructure, and help-desk from IBM. All the above topics have several research works with different research questions. These research works are carried out by the researchers of SWAF and by students of various universities in Sweden.

After looking over the given topics we decided to choose Cloud Computing, where we have a good study background, also taking into consideration that this topic could be related to our Master's Program. In general Cloud Computing is a broad/vast topic; it provides computation, software, data access, storage and services. Many research works on cloud computing are under way for SWAF; among those works we were assigned to evaluate different cloud environments and services with respect to the requirements. The requirements are explained in the following.

2.3 Problems in the present environment

In the second interview we collected information about the problems at SWAF. SWAF is a large-scale organization in which several processes are undertaken and dispatched internally. We got information about the existing cloud environment and the services to be outsourced, but not about the cloud model, for security reasons. Currently SWAF is using a private cloud for communication, where both sensitive and non-sensitive information is located in the internal cloud.


They also maintain and manage all the services inside their organization. They have 25 to 30 data centers located in Sweden. Most of the local data centers are moving to central places. SWAF is also dealing with other problems caused by the internal cloud services, like troubleshooting software, extending product licenses, hiring more employees to resolve technical problems, etc. In the existing cloud environment SWAF had a specific functionality, but they require in-sourcing (Finance, ERP and Human Resource) and outsourcing (email, conferencing, social media and travel) functionality in one cloud environment.

The following table describes the problems of the current cloud environment (private cloud), the input/requirements and the motivation for selecting each requirement.

TABLE 1: Classification of Requirements/Problem/Motivation

| PROBLEM | INPUT/REQUIREMENT | MOTIVATION |
|---|---|---|
| The cost of maintaining the current cloud environment at SWAF is too high. | AFFORDABLE COST | To reduce the cost of computing and maintenance by selecting a suitable cloud environment and services for the available resources. |
| Security for data exchange and network communication is low when it is outsourced, in the current cloud environment at SWAF. | HIGH SECURITY | To have good security for exchanging data and network communications while it's outsourced to other organizations. |
| Performance of the current cloud environment is low because the users have some problems with hardware and services that are handled by the users at SWAF. | HIGH PERFORMANCE | To have high performance in order to execute all the security devices and cloud services effectively. |
| Flexibility is low in the current cloud environment, where SWAF can use the available services only in the private cloud environment. | GREATER FLEXIBILITY | To have greater flexibility in order to communicate easily with all the cloud services and cloud environments. |
| Only a few functionalities, like finance, payroll and Human Resource, are present in the current private cloud environment. | GREATER FUNCTIONALITY | To have greater functionality for enhancing many capable applications to the suggested cloud environment. |

2.4 Requirements of SWAF

During the third interview we collected the requirements for suggesting the cloud environment and services. Currently SWAF is using a private cloud, which has some problems (Table 1) like hardware maintenance, cost issues, and flexibility in the environment. To overcome those problems SWAF has given requirements (High Performance, High Security, Affordable Cost, Greater Flexibility and More Functionality) for suggesting a suitable cloud environment for their organization.


REQ1: To decrease the cost of maintenance of the cloud environment compared to the current maintenance cost.

REQ2: The security of the cloud environment shall not degrade if the company changes to the new cloud model and outsources services.

REQ3: The cloud model shall have higher performance when outsourcing the services, compared to the performance of the current cloud model. This can be done by outsourcing high speed processors for the computer systems.

REQ4: The cloud model shall offer more functionalities compared to the model used today, for instance by archiving information, backing up functions and by allowing local data to be replicated to a public cloud.

REQ5: The cloud model shall offer higher flexibility compared to the flexibility offered by the current cloud model. This can be done by outsourcing the infrastructure, instead of managing and monitoring the services inside the organization.

Even though the services are provided by service providers (section 2.3), SWAF will have their own security features. At present, all the information is placed within the firewalls. Logistics is maintained by a separate branch of technicians. At present, in the private cloud everything is centralized (maintained and installed) by SWAF. The External Advisor specified that SWAF wants a public net, a restricted net (private) and a security net in one server which is maintained by SWAF users. They have also asked us to implement VPN tunnels (see chapter 2.2) in our new proposed system. The following characteristics are listed for selecting the CC environment: Conceptual characteristic – service oriented; Economic characteristic – pay-per-use model, where the user pays for processing, storage and network according to usage; Virtualization; and Security characteristics.


CHAPTER 3

THEORETICAL BACKGROUND

This chapter gives the definitions of cloud computing (section 3.1.1) and explains the different types of cloud environments (public, private, hybrid and community clouds, see sections 3.1.2, 3.1.3, 3.1.4 and 3.1.5), cloud services (IaaS, PaaS and SaaS, section 3.3) and VPN tunnels, which are used for security purposes. VPN tunnels connect systems located in remote or local areas through secured communication. They are described in this chapter (see section 3.2) because they will be used in our proposal of cloud architecture in chapter 5. In section 3.3.4 the properties of cloud services are explained briefly and different cloud providers (like Amazon Web Services, GoGrid and more) are compared with respect to these properties. Thereafter, different cloud environments are compared (see section 3.4), and the benefits and limitations of CC are listed (see sections 3.5 and 3.6).

3.1 Introduction to Cloud Computing

Cloud Computing delivers services dynamically over the internet. Storage, operating systems, hardware, software and other resources help keep a company's IT budget to a bare minimum [15]. CC also refers to both the applications delivered as services over the internet and the hardware and software systems in the data centers. It provides services like IaaS (Infrastructure as a Service), SaaS (Software as a Service), and PaaS (Platform as a Service). CC clients have to trust third-party cloud providers in many respects, especially regarding the availability of the cloud service as well as data security. The main focus of the thesis is on public, private and hybrid clouds. However, there is another kind of cloud environment, the community cloud. These models are explained in the following sections.

To summarize, in the cloud deployment model, networking, platform, storage, and software infrastructure are provided as services that scale up or down depending on the demand. When deciding which type of cloud to deploy, SWAF needs to assess different parameters (like cost, flexibility, security, performance and functionality) from an architectural point of view.

3.1.1 Definitions of cloud computing

The data center's hardware and software is what we call the “cloud”. Cloud computing is a new model of computer infrastructure and application services. CC has advanced rapidly on a global scale. A cloud offers customers the ability to start businesses without having to pay huge upfront capital expenses for the services provided by different cloud providers [17]. Major service providers in this field are Amazon's EC2 [8], IBM's Smart Business cloud offerings [10], Microsoft's Azure [11], and Google's AppEngine [9]. There are many definitions of CC given by cloud experts and organizations, such as the following:

“Gartner”- Cloud computing is a style of computing where massively scalable IT-related

capabilities are provided as a service across the Internet to multiple external customers [51].

“IBM” - A cloud computing platform dynamically provides, configures, reconfigures, and deprovisions servers as needed. Cloud applications use large data centers and powerful servers that host web applications and web services [52].

“Wikipedia” - A style of computing in which dynamically scalable and often virtualized resources

are provided as a service over the Internet [53].

“451 Group”- The cloud is IT as a service, delivered by IT resources that are independent of location

[54].


“National Institute of Standards and Technology” - A model for enabling convenient, on-demand

network access to a shared pool of configurable computing resources (e.g., networks, servers,

storage, applications and services) that can be rapidly provisioned and released with minimal

management effort or service provider interaction [2].

In this section, we describe the benefits of cloud computing, that is, the application of cloud computing for SWAF, by analyzing the work done on the U.S. military cloud environment. Their definition of cloud computing is much broader; it refers only to “the use of cloud computing technology and techniques for the support of localized and short-lived information access and processing requirements” [12]. They concentrate on cloud computing in a military environment, supporting a series of tasks and/or engagements in real time within a tight Observe, Orient, Decide, and Act (OODA) loop [18]. Cloud computing will also be valuable in the military operational and strategic level defense processes, but the environment's special limitations and constraints pose a more difficult problem requiring special consideration.

Figure 1 shows the basic blocks for computing the cloud environment and services. There are three delivery models (Cloud Infrastructure as a Service (IaaS), Cloud Platform as a Service (PaaS), and Cloud Software as a Service (SaaS)) and four deployment models (private cloud, public cloud, hybrid cloud and community cloud).

Figure 1: Basic block for Cloud Computing environment and services

Cloud computing builds on the advancements in virtualization technology, grid computing, SOA (Service Oriented Architecture) and web services technologies. Apart from proposing a design model, we need to evaluate how cloud computing can increase the effectiveness of military missions. This evaluation may be done by collecting relevant data from different environments and comparing them with each other, then proposing a suitable infrastructure and deployment model for SWAF.


3.1.2 Public cloud

A public cloud (also called an external cloud) allows users to access the cloud via interfaces. Public clouds are less secure than the other cloud models, and one has to ensure that all applications and data accessed on the public cloud are not subjected to malicious attacks [1]. Performance is one of the main concerns in public cloud computing. The key issue when subscribing to a public cloud is that we have little control over the public cloud architecture, its performance (which can be variable) [58] and resource sharing, compared to other cloud environments. By using a public cloud we can avoid the costs of building and maintaining a private storage infrastructure, opting instead to pay a service provider for the services which are accessed by the users. This enables greater functionality by providing the benefits of availability (access to data from anywhere) and reliability (no need to worry about the backup of data).

Ruan Gaofeng [16] describes how public cloud computing infrastructure could be used with multimedia technology at low cost, with low technical barriers and high diversity, and concludes that by achieving that “the resources and procedures storing and running on cloud share the same human-computer interaction interface”, this approach is clearly more flexible, easier and cheaper.

Public-cloud providers typically provide the environment; applying traditional perimeter-security approaches will increase their potential for exploitation. To thwart attacks in public clouds [17], we need to move the security from the edge of the public cloud to the virtual machines. The public cloud offers user access via the Internet, and cloud subscribers perform administrative activities (knowledge management, e-record service, payroll, accounting and finance, human resource, and project management) in this environment. This paradigm in itself introduces security risks, because the remote access provides exposure to potential cyber attackers. Although these vulnerabilities increase the threat space, other concerns pose an equal, if not greater, security threat. For instance, in a public cloud, organizations do not need to pay a large upfront cost (e.g., for hardware purchase) before launching services, or over-provision to accommodate future or peak demand. Instead, the cloud's pay-as-you-go charging model enables the customer to pay for what he/she actually uses and promises to scale with demand [19].

3.1.3 Private Cloud

A private cloud (also called an internal cloud) is set up within an organization's internal project datacenter. Private cloud computing is easier to align with security, compliance, and regulatory requirements than other cloud environments, and provides more enterprise control over deployment and use. In private cloud computing the performance levels of application services such as Windows Azure, Office 365, Xbox Live and Bing services can be optimized. This benefit of the private cloud can be useful to every IT environment, and it brings new features like processing troubleshooting, immediate deployment and general visibility of the services [59].

Private cloud computing is used by many organizations. Private small-cloud computing is based on three concepts: small clusters, virtualization, and general graphics processors. A private cloud can be used instead of cluster computing, grid computing and distributed computing to avoid the high cost of data delivery [20]. Jingyu Ding [21] proposed a framework for data center consolidation by comparing the different VPN implementation technologies. This cloud infrastructure is owned or leased by a single organization and is operated solely for that organization. Here the private cloud is composed of two types of resources: the resource manager and the network resource manager. These resources extend the private cloud to enterprise cloud computing (a controlled, internal place that offers rapid and flexible provisioning of compute power, storage, software, and security services to meet the organization's requirements) by adding virtual private computing and virtual private network resources [79]. The virtual private computing is mostly kept at public cloud companies, and the virtual private computing resources are connected securely to the enterprise infrastructure via a virtual private network provided by telecom carriers.


High Scalability and Flexibility for Private Cloud Computing are provided by Eucalyptus 2.0

(infrastructure software that enables organizations to deploy scalable private and hybrid cloud

computing environments within a secure IT infrastructure) [60]. Amazon extends the functionality of

private cloud by widening the networking options and allows customers to specify which of their

VPC (Virtual Private Cloud) resources they wish to access directly through the Internet [61].

3.1.4 Hybrid Cloud

In the hybrid cloud (also called personal cloud), scalable resources and virtual applications provide virtual IT solutions through a mix of both public and private clouds. Hybrid clouds provide more secure control of data and applications and allow various parties to access information over the Internet. A hybrid cloud also has an open environment that allows it to interface with other management systems. Hybrid cloud gives customers a viable and cost-saving methodology for making good use of public cloud services along with their private cloud services. The cost factors are measured by considering the bandwidth, storage, power, cooling, physical plant, and operations of the organization [62].

The composition of two or more clouds (private, public or community), in which one has to be public and another has to be private, is called a hybrid cloud. Most users believe that personal clouds are private clouds, but a personal cloud is a hybrid deployment model that combines a private cloud and a public cloud [22]. Sang-Ho Na proposed a generalized security framework for personal cloud computing using the personal cloud model. A personal cloud consists of online storage (a reliable and secure place to store data), an online desktop (which allows access from anywhere we can connect to the Internet) and web based applications (Google Docs). These connections free up resources and processing power.

In this environment the performance will be neutral while accessing the applications and services.

Also the hybrid cloud exploits flexibility in the organization, as it can be a composition and

combination of at least one private cloud and at least one public cloud. This environment provides

more prominent functionality by archiving information, backup functions and allowing local data to

be replicated to a public cloud.

Many organizations and defense departments are using hybrid clouds consisting of private and public clouds. For national security purposes, Anya Kim et al. [2] proposed a national security hybrid cloud architecture that consists of private clouds for sensitive, non-shared information; public clouds for information gathering and dissemination of public information; and community clouds for information sharing and collaboration needs. Anya Kim et al. discussed private and public clouds, but the focus here is on national security community clouds and on the security requirements and features of the community cloud.
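The split described above (private clouds for sensitive, non-shared information; community clouds for sharing and collaboration; public clouds for public information) can be checked mechanically against a deployment plan. The following is an added example, not part of the thesis: the classification labels, the classification assigned to each SWAF service, the rule names, and the rule that every link crossing between environments must run over a VPN tunnel are assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed policy table: environments allowed to hold each class of information,
# following the private / community / public split of the hybrid architecture.
ALLOWED_ENVS = {
    "sensitive": {"private"},
    "shared": {"private", "community"},
    "public": {"private", "community", "public"},
}


@dataclass(frozen=True)
class Service:
    name: str
    classification: str  # highest class of information the service holds
    env: str             # "private", "community" or "public"


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    data: str            # class of information carried on this link
    vpn: bool            # True if the link runs over a VPN tunnel


def check_plan(services, flows):
    """Return a sorted list of (subject, rule) findings for a deployment plan."""
    findings = set()
    by_name = {s.name: s for s in services}

    # Rule "placement": a service may only run where its information class is allowed.
    for s in services:
        allowed = ALLOWED_ENVS.get(s.classification)
        if allowed is None:
            findings.add((s.name, "unknown-classification"))
        elif s.env not in allowed:
            findings.add((s.name, "placement"))

    for f in flows:
        subject = f"{f.src}->{f.dst}"
        src, dst = by_name.get(f.src), by_name.get(f.dst)
        if src is None or dst is None:
            findings.add((subject, "unknown-endpoint"))
            continue
        allowed = ALLOWED_ENVS.get(f.data)
        if allowed is None:
            findings.add((subject, "unknown-classification"))
            continue
        # Rule "data-exposure": the data on a link must be allowed at both ends.
        if src.env not in allowed or dst.env not in allowed:
            findings.add((subject, "data-exposure"))
        # Rule "no-vpn": links crossing environments must use a VPN tunnel.
        if src.env != dst.env and not f.vpn:
            findings.add((subject, "no-vpn"))
    return sorted(findings)


# Constructed sample plan. Service names come from section 2.3; the
# classifications, placements and flows are invented for this example.
SAMPLE_SERVICES = [
    Service("finance", "sensitive", "private"),
    Service("erp", "sensitive", "private"),
    Service("hr", "sensitive", "public"),          # misplaced on purpose
    Service("email", "shared", "community"),
    Service("conferencing", "shared", "community"),
    Service("travel", "public", "public"),
    Service("social_media", "public", "public"),
]
SAMPLE_FLOWS = [
    Flow("finance", "erp", "sensitive", vpn=False),      # same environment: fine
    Flow("hr", "finance", "sensitive", vpn=True),        # sensitive data outside private
    Flow("email", "conferencing", "shared", vpn=False),  # same environment: fine
    Flow("travel", "finance", "public", vpn=False),      # crosses environments, no tunnel
    Flow("erp", "email", "sensitive", vpn=True),         # sensitive data to community
    Flow("conferencing", "social_media", "public", vpn=True),
]

if __name__ == "__main__":
    for subject, rule in check_plan(SAMPLE_SERVICES, SAMPLE_FLOWS):
        print(f"{rule:15} {subject}")
```

A VPN tunnel does not clear a `data-exposure` finding: the tunnel protects the link, not the environment the data ends up in.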

3.1.5 Community Cloud

A community cloud is not open to the general public; it is available only to the members of a community. It can be set up where an organization has similar requirements at all its branches, and for sharing infrastructure. Community cloud computing has the advantage of not being controlled by vendors. Compared to other clouds, the community cloud is as much a social structure as a technology paradigm, because of the community ownership of the infrastructure [43]. As an example, if Wikipedia adopted community CC, it would be dispersed throughout the community cloud alongside other services, which in this environment can be as simple as a webpage or complex. Complicated tasks, such as editing a Wikipedia page, will require an update to the distributed storage of the community cloud, achieved by transmitting the new data through its network of nodes, most likely resulting in an eventual consistency model. We can secure the community cloud by using Virtual Interacting Network Community (Vinci) [46]. Vinci is a software architecture that aims to make shared applications on a cloud more secure. The Vinci architecture exploits multi-core processors and virtualization to share an ICT infrastructure in a secure way among users with distinct trust levels and reliability requirements. Vinci partitions users into several communities, according to the user privileges and to the trust level of the applications the user executes. For each community, Vinci defines a distinct security policy for accessing the resources. Instead of acquiring and managing its own physical infrastructure, a community defines a virtual Information and Communication Technology (ICT) infrastructure. Vinci includes templates to run user applications, protect shared resources and control traffic among communities to filter out malware or distributed attacks; each of these templates is related to a specific application or system functionality.

Community cloud computing does not consider the monetary cost when accessing resources; it is made in a pay-as-you-go manner [45]. When a service is needed to fulfill a request, even without proper instantiation on a suitable node, a copy should be retrieved from the repository and instantiated as needed. This allows for flexible responsiveness and resilience to irregular traffic spikes (transient variations) [43]. Community cloud-based applications and resources can reduce costs, improve performance, ease troubleshooting, and enhance privacy and control [63]. Community clouds have a significant performance advantage over the public cloud by providing their associates with both high-performance bandwidth and latency.

A community cloud is a community of resources formed by services, hardware resources and other network resources for organizations such as enterprises and institutions. Community cloud users can easily use the services of resources from different members, without knowing the specific location where the service is running [45]. Community clouds will probably require more bandwidth than vendor clouds (such as Google, Amazon and Microsoft), but can take advantage of the ever-increasing bandwidth and deployment of broadband.

3.2 VPN Tunnels

VPN tunnels are studied in this section because they are used to gather the security requirements for designing the new cloud model with different cloud environments and services in chapter 5.

A Virtual Private Network (VPN) is a private network on a public network infrastructure (the Internet). We can use VPN connectivity to connect to a private local area network at a remote location. It is frequently used in organizations with remote offices to share network resources and private data. A VPN can be a good security solution for a large company, especially because its IT department can preinstall VPN clients on the employees' laptops. The VPN secures the network connections from the laptops all the way to the VPN server on the company network.

The basic building block of a VPN is the tunnel. “VPN tunnels are often used to connect employees to their organization's intranet. One end of the tunnel is a VPN software client on the employee's laptop while the other end is the VPN server software running on the organization's computer” [49]. Secure Socket Layer (SSL) VPN is a secure remote access solution based on the SSL protocol [47], and performs rapidly. The SSL tunnel is the overlay networking facility for creating an SSL VPN on top of an existing Internet or IP based network. The key reason for using a VPN is to minimize cost [48].

3.3 Cloud services

Cloud computing is an on-demand service. The client just needs a computer and internet access; everything from the services to their maintenance is managed by the provider. Cloud computing has new services which provide benefits such as cost reduction, high availability, scalability, fault-tolerance capability and so on. Cloud computing services involve three roles:

Cloud provider - Some organizations (like Amazon) [30] rent or lease the resources like storage, servers, etc. for their needs; such organizations are known as cloud providers.

Service provider or cloud consumer - The organizations who rent these resources become cloud consumers, and some of these organizations build applications based on the rented resources which in turn offer different services to end users; they are then known as service providers.

Service consumer - The end users using the services are known as service consumers.

There are many services that are provided by cloud computing providers, such as Infrastructure as a

Service (IaaS), Network as a Service (NaaS), Platform as a Service (PaaS), Data as a Service (DaaS)

and Software as a Service (SaaS). These services are further divided into three levels, such as

hardware level - IaaS, NaaS; application level – DaaS, SaaS and system level - PaaS. There are many

companies like Google, Amazon EC2, salesforce.com and many more that provide the services of

cloud computing.

Figure 2: Example of Companies providing Cloud Computing Services [38]

In this thesis, we have selected three services, Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS), which are the ones mostly used by different organizations and could also be used by SWAF. In cloud computing, SaaS is more broadly used than PaaS, DaaS and NaaS. Network as a Service is a more recent term, originally used in the IT and cloud computing context but now increasingly applied in the mobile world. As SWAF is a defense organization, it could be difficult for it to maintain the entire infrastructure and to build the software applications on the different platforms needed by SWAF. By outsourcing IaaS, SaaS and PaaS to different IT organizations like Microsoft, IBM and more, SWAF can reduce technical work and cost. DaaS is mostly not considered, because the service providers offering SaaS also offer a layer known as DaaS. For example, providers such as Salesforce.com, which offer CRM Software-as-a-Service (SaaS) over the internet, have been building out their own cloud platform to offer new services including a new DaaS layer called Database.com, and other emerging platforms are designed to allow apps to run natively on any device. Apart from that, SWAF has its own data center in Sweden, and also its own localized databases at all its branches with a database managing and monitoring group. Whether the data is sensitive or non-sensitive, they want to maintain it by themselves. In figure 2, we can see some companies which use the above-mentioned cloud computing services for organizations.

3.3.1 Infrastructure as a Service (IaaS)

Infrastructure as a service is an IT solution which tackles the hardware concerns of an organization (like reducing infrastructure cost, maintenance of different resources and security). IaaS is the delivery of computer hardware as a service. It is one of the cloud layers in CC, and it minimizes the need for investments in computing hardware components like servers, storage capacity, memory capacity, network, load balancing, firewalls and so on. It is characterized by the concept of resource virtualization, which allows customers to deploy and run their own guest operating system on top of the virtualization software offered by the provider [23]. Virtualization means that the user or consumer can select a configuration of CPU, memory and storage which is optimal for their application. There are many companies that provide infrastructure as a service, such as Amazon EC2, Mosso, Sun, VMware, etc.

Advantage and Disadvantage

The advantage of infrastructure-as-a-service is that companies can access expensive data center resources through a rental arrangement and do not need to worry about management, replacement of disk drives and networking issues. The disadvantage of IaaS is that there is less granular on-demand expandability of the resources (organizations cannot instantly increase resources like storage, memory and more). Some providers of Infrastructure-as-a-Service, such as Amazon and GoGrid, are briefly explained below [75].

Amazon Web Services

Amazon Web Services (AWS) provides an infrastructure web services platform in the cloud to different organizations. Some of the infrastructure services offered by Amazon are: Amazon CloudFront – a web service that provides high performance and delivers content globally; Amazon EC2 (Elastic Compute Cloud) – provides computing capacity; Amazon SimpleDB (Database); Amazon S3 (Simple Storage Service); Amazon VPC (Virtual Private Cloud) – a secure and seamless bridge between a company's existing IT infrastructure and the AWS cloud.

Examples of services offered to different organizations by AWS are the following: a pharmaceutical company can rent computing power to execute large-scale simulations, a media company can serve unlimited videos and music, an enterprise can deploy bandwidth-consuming services, and an e-commerce web site can be developed without any difficulty; more examples are found in [29]. By using AWS, companies or IT developers get benefits such as cost effectiveness, scalability, flexibility and security. But for AWS there are no service level agreements (SLAs); it is only an instance service. Among the benefits, security is the important issue for all cloud service providers. In AWS, each service has different layers of security, so that customers' data can be more secure in all the service offerings mentioned above. Amazon EC2 has multilevel security strategies, like security for the host operating system, security for the virtual instance or guest operating system, security for a firewall and network communication [25].

GoGrid

GoGrid [31] is an Infrastructure-as-a-Service provider which manages the IT infrastructure and data centers – it shares power, cooling, security, fire suppression infrastructure with different version and 2 Megawatt generators. It provides hosting services with a secure and reliable cloud platform for customers, who can deploy and manage existing or new applications on servers. It provides infrastructure components like cloud storage, cloud servers, dedicated servers and load balancing between servers to organizations or enterprises with on-demand access. Organizations or customers can manage and operate the infrastructure services of GoGrid through a web-based interface or Application Programming Interfaces (APIs). GoGrid [31] is not responsible for any physical access or copies of software, data or content stored on the GoGrid system by third parties, so the level of security and privacy is very low. Compared to Amazon EC2, GoGrid provides service on Service Level Agreements (SLAs) to the customers, and it is less secure than Amazon EC2.

3.3.2 Platform as a Service (PaaS)

Platform as a service is the delivery of a computing platform and solution stack as a service, without software downloads or installation, for developers, IT managers or end users [24]. It provides self-contained platforms with all the resources that are needed for application development and operational hosting. The major features that service providers should deliver in PaaS are design, development, deployment, integration, storage and operations. Some platform providers provide a full stack including an operating system, programming language, security, storage, version control, collaborative tools and tools to build web interaction. Companies that provide platform-as-a-service are, for example, Microsoft, Google App Engine, Force.com and Engine Yard.

Advantage and Disadvantage

The advantage [75] of platform-as-a-service is that companies or users can access a complete enterprise development environment at a low cost and build applications. The disadvantage [37] is that many platform-as-a-service providers purchase proprietary programming languages (programming languages owned by the particular service provider) and interfaces, so once the application is there it may be difficult to move it to an on-premise server (a server within the organization) or to another PaaS provider. Some providers of platform-as-a-service, such as Google App Engine and Windows Azure, are briefly explained below.

Google App Engine

Google App Engine [10] provides platform as a service that lets users or customers run web applications on Google's infrastructure, where applications are easy to build and maintain. There is no need to maintain servers; one only uploads the application to App Engine and it starts to serve the users. Google App Engine supports applications written in several programming languages, such as Java technologies using the Java Virtual Machine (JVM), Java servlets and any other language using a JVM-based interpreter, such as JavaScript or Ruby, and also a Python interpreter. All the applications that are built on App Engine [10] run in a secure and reliable environment. Google App Engine uses a sandbox for security, to separate the running programs from third-party or untrusted users. A sandbox is a computer security mechanism for separating running programs, and is used to execute untrusted programs from unverified third parties and untrusted users.

Windows Azure

Windows Azure is a Microsoft cloud computing platform. It is a cloud service operating system and flexible platform that lets developers build, manage and store applications and run them on Microsoft data centers [11]. It supports popular standards, protocols and languages including Simple Object Access Protocol (SOAP), a simple XML-based protocol which lets applications exchange structured information over HTTP [71]; Representational State Transfer (REST), a software architecture for distributed hypermedia systems such as the World Wide Web (WWW) [72]; eXtensible Markup Language (XML), which is used to transport and store data; Java, a programming language; Hypertext Preprocessor (PHP), a general-purpose scripting language that is especially suited for web development [73]; and Ruby, a dynamic, interpreted and open source programming language [74]. In Windows Azure, servers will be behind firewalls to keep the service and data in a secured state. Some of the benefits of Azure are agility, efficiency, simplicity and trustworthiness [11].

3.3.3 Software as a Service (SaaS)

The first implementation in cloud services was software-as-a-service. It is a multi-tenant platform and is also known as software on demand. It is an application hosted on a remote server which is accessed through the Internet, and it is a low-cost way for businesses to have specialized software that multiple users can operate. It is also a model of software in which a provider licenses an application to customers on a pay-per-use model [25]. SaaS runs on the hardware from the licensor or somewhere in the cloud and provides the maintenance, installation and management of the software. We can also say it is software application functionality offered/consumed over the internet with minimal or no software installation required for access. Some of the providers of SaaS are Force.com, AT&T, Media Temple and so on; most of these organizations provide hosting services.

Table 2 explains the difference between traditional packaged software and software as a service.

Table 2: Comparison between Traditional software and software as a service [77]

| Traditional software (Perpetual licensing) | Software as a Service (SaaS) |
|---|---|
| Traditional software licensing involves the organization purchasing a perpetual-use license from the software publisher and then making additional investments for hardware, installation, and maintenance. | SaaS is a service in which organizations buy a subscription to the software from the service provider, and the software provider runs and maintains the software on the provider's hardware. |
| Software upgrades will be done depending upon the organization's usage and expenses. | Upgrades are done automatically by the service provider. |
| In traditional software, the data will be secured within the organization. | In SaaS, data security is an issue because the organization's or users' data are stored on the service provider's hardware and systems. |
| Repeatable functionality via web services, open APIs and standard connectors. | Uses open APIs and web services to facilitate integration. |

Advantage and Disadvantage

An advantage of SaaS is the ability to leverage an application without having to buy and install the software. The disadvantage is that the security burden falls on the hosting company (service provider). So, organizations should trust the service providers to properly secure the servers on which the virtualized applications run and the firewall controlling network security [75].

Salesforce.com

Salesforce is an organization that delivers software as a service. Salesforce [35] has a multi-tenant architecture (it provides both PaaS and SaaS) in which each user's private source code is stored in a separate container (Salesforce maintains several containers for different users) and is isolated from the other containers. The servers are hosted, managed and maintained by Salesforce. It also includes capabilities such as middleware, security, database management, performance management and monitoring. It provides integration of a set of standardized web services APIs that give applications a common approach to accessing information from one application to another. Salesforce is also a partner for Platform-as-a-Service known as Force.com.

Figure 3: Usefulness of different Cloud with the services [39]

Figure 3 presents the transition services and tools and different applications, such as test and development, financial, collaboration and many more, together with the different cloud services (SaaS, PaaS and IaaS). The cloud environments are preferred according to the applications and also have security and compliance services maintained by cloud providers and by organizations in a private environment.

3.3.4 Properties of cloud computing services

CC services have different properties such as scalability, reliability, availability, storage, load balancing, interoperability and the pay-per-use model. Organizations consider all these properties before outsourcing a service from a cloud service provider. This section gives brief information on each property and compares different service providers on these properties.

Scalability

Scalability is the ability to distribute the work of the application/resources across multiple servers in order to serve more users. It also means that an application can scale when additional users are added and when the application requirements change. The ability to scale is achieved by providing elasticity (which is used to increase and decrease the storage capacity of applications with different users). In cloud computing services, the service consumer cannot control the resources (like memory, network and so on) which are utilized by the services, because the service provider is responsible for rescaling the resources according to the customer's requests [24]. Cloud computing services have two kinds of scalability: horizontal scalability, in which the cloud provides services through load balancing and application delivery, and vertical scalability, which relates to the resources used by the organizations [25].

Reliability

Reliability is a measure of fault tolerance. Cloud vendors offer specialized hardware and software services in order to deliver higher reliability. The reliability of services can be given to consumers or users as a service-level agreement. A service-level agreement is the contract between the service provider and the service consumer covering all the requests of the consumer. In cloud computing, services are available on the internet and can be accessed through a web browser.

Storage

In cloud computing services, the software, hardware and data centres can be stored, maintained and managed by the service provider. For example, Amazon Web Services has the Simple Storage Service (S3), which provides a semi-structured data store with querying capability.

Security

Security is an important issue in cloud computing services. In terms of services, security is an important concern for the data, infrastructure and applications of an organization. When the services are provided by cloud service providers, the information of organizations is maintained and hosted by the service provider. Therefore, cloud computing services become more secure by securing the data and applications of the organizations.

Load Balancing

Load balancing allows the services to be offered even if there is a failure. Load balancers route and split the traffic between multiple servers and around failed servers, i.e., if one component becomes non-responsive, the load balancer is informed and will no longer send traffic to it. Load balancing [26] not only serves to keep costs low, but also puts less stress on the circuits/components and enables other important features such as scalability.
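The failover behaviour described in this paragraph, with two of the selection policies that Table 3 names (round robin and source address), is sketched below as an added example; it is not code from the thesis or from any of the providers, and the backend names and client addresses are constructed.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class Backend:
    name: str
    healthy: bool = True


class LoadBalancer:
    """Toy load balancer that only routes to backends reported healthy."""

    def __init__(self, backends):
        self.backends = list(backends)
        self._cursor = 0  # position of the next round-robin candidate

    def report_health(self, name, healthy):
        """Record a health-check result for one backend."""
        for backend in self.backends:
            if backend.name == name:
                backend.healthy = healthy
                return
        raise KeyError(f"unknown backend: {name}")

    def _healthy_pool(self):
        pool = [b for b in self.backends if b.healthy]
        if not pool:
            # Fail loudly instead of sending traffic to a dead server.
            raise RuntimeError("no healthy backend available")
        return pool

    def pick_round_robin(self):
        """Round robin: walk the backend list in order, skipping failed entries."""
        self._healthy_pool()  # raises if every backend is down
        while True:
            backend = self.backends[self._cursor]
            self._cursor = (self._cursor + 1) % len(self.backends)
            if backend.healthy:
                return backend.name

    def pick_by_source(self, client_ip):
        """Source address: hash the client address onto the healthy pool.

        A client keeps its backend only while the pool is unchanged; after a
        failover it may be remapped, so session state must not live on one
        backend alone.
        """
        pool = self._healthy_pool()
        digest = hashlib.sha256(client_ip.encode("ascii")).digest()
        return pool[int.from_bytes(digest[:8], "big") % len(pool)].name


def demo():
    """Constructed scenario: app-2 stops answering health checks."""
    lb = LoadBalancer([Backend("app-1"), Backend("app-2"), Backend("app-3")])
    before = [lb.pick_round_robin() for _ in range(3)]
    lb.report_health("app-2", False)
    after = [lb.pick_round_robin() for _ in range(4)]
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("all healthy :", before)
    print("app-2 failed:", after)
```

When every backend is down the balancer raises instead of guessing, which is the point at which an availability alert should fire.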

Interoperability

In general, interoperability means the ability of two or more systems to exchange information and to use the information that has been exchanged. Cloud computing interoperability allows applications to be ported between clouds before the business applications are delivered from the cloud [27]. To promote wider adoption of CC technology and services, an organization named the Cloud Computing Interoperability Forum (CCIF) was formed to enable the interoperability of applications with different services between organizations [34].

Pay-per-use Model

Many of the cloud computing services are provided by different service providers as mentioned above. In the traditional model, the customer pays monthly even for services that were not used frequently. But in the pay-per-use model, customers pay whenever the service is used by the customer or enterprise.

In Table 3, the properties of different cloud computing service providers are compared [30, 32, 33 and 35], and from these options we can choose the best provider for SWAF which meets their requirements (as described in section 2.3).


Table 3: Properties and different cloud computing service providers

| Features / Service Providers | Amazon Web Services | GoGrid | Google App Engine | Windows Azure | Salesforce.com |
|---|---|---|---|---|---|
| Computing Architecture | Elastic Compute Cloud (EC2) Architecture - Public Cloud | Data Centre Architecture which is designed to deliver QoS level for the exported services | Google's geo-distributed Architecture | Internet scale cloud services platform hosted in Microsoft data centers - Private cloud | Multitenant Architecture – Allowing single application to serve many customers |
| Service | IaaS | IaaS | PaaS | PaaS | SaaS |
| Load Balancing | Load Balancing algorithms used are Round-robin load balancing, HAProxy | F5 load balancing, Round robin, Sticky Session, Source address | Automatic scaling and load balancing | Built-in hardware load balancing | Load balancing among tenants |
| Fault tolerance | System will automatically alert, failover and re-sync | Instantly scalable and reliable | Managed by App Engine Cron Service | If failure occurs, SQL Data services will automatically begin using another replica of containers | Self management and self tuning |
| Interoperability | Interoperability among EC2, Eucalyptus, etc - Horizontal interoperability | Committed to furthering interoperability | Interoperability between platforms and different programming languages | Interoperable platform can be used to build new application from the cloud | Application level integration between clouds |
| Storage | Simple storage Service (S3) and SimpleDB | Connecting each server to private network or different protocols to transfer data to and from cloud storage | Proprietary database | SQL Server Data Services (SSDS) | Database stored in terms of different fields |
| Security | Type II (SAS70 Type II) certification, firewall, X.509 certification | It does not provide guarantee of security | SDC uses RSA/128bit or higher AES CBC/SHA, Google secure data connector | STS (Token Service) creates Security Assertion Markup Language | SysTrust SAS 70 Type II |
| Programming Framework | Amazon Machine Image (AMI) and Amazon Map reduce framework | Its API supports Java, Python, Ruby and uses REST like Query interfaces | Support Python, Java, Java Servlet API, JDO and JPA | Microsoft .NET | Apex language for database service and supports .NET, C#, Java, C++ |

3.3.5 Benefits of Cloud Computing Services

Nowadays cloud computing services are increasingly becoming a popular service model for using the IT resources that are provided by cloud service providers. There are many cloud services, like IaaS, SaaS and PaaS, which have the following benefits: virtualization of IT infrastructure, minimization of business expenses by enabling users to select the applications needed for their organizations, configuration and modification of services, the pay-per-use method, reduction of human work, and finally integration services and change in technology and internet.

3.4 Comparison of cloud Environments

This section describes the general concept of the requirements (cost, security, flexibility, performance and functionality) and compares four different cloud environments (public, private, hybrid and community clouds) against the requirements specified above.

3.4.1 Definition of requirements

Cost: In cloud computing, the cost depends upon the cloud environments used by the organizations. Cost is an approach to evaluate the overall costs that are associated with conducting the projects of an organization or business. Generally, based on standard accounting practices [68], cost accounting is one of the tools that managers use to determine what type and how many expenses are involved in maintaining the services for current and upcoming projects of organizations.

Security: Computer security is the protection of information and data. Computer security allows the information to be accessible to the intended users. Cloud computing security is a sub-domain of computer security, network security and information security [69]. It refers to a set of policies and controls deployed to protect the data, applications and related infrastructure of CC.

Flexibility: Flexibility means the property of being flexible. That is, the applications and services provided by cloud service providers can be flexible for the organizations (i.e., organizations can select the operating systems, memory, instant storage or other resources needed).

Performance: The performance of the cloud can be improved by using high-frequency processors. The cloud applications can have more impact on user adoption of different cloud services. Monitoring and maintaining performance in the cloud requires uninterrupted visibility across the entire application delivery, such as the data centre, internet, cloud service provider and the end user's own device [70].

Functionality: The main purpose of moving to the cloud is to increase access to greater functionality within the limits of the fixed funds of the organization. This feature allows a business to increase IT capacity in real time (Internet-enabled), without investing in new infrastructure, licensing software or training new professionals. These functions give more ability to respond to the organization's applications [7].

3.4.2 Comparison of the cloud environments with the requirements

Table 4 presents the comparison of the three different cloud environments such as public, private and hybrid cloud based on factors such as cost, security, flexibility, performance and functionality [3, 4, 15, 20, 22, 43, 46, and 48].

Table 4: Comparison of cloud environment

| Factors | Public cloud | Private cloud | Hybrid cloud | Community Cloud |
|---|---|---|---|---|
| General Aspect | Public cloud or external cloud describes cloud computing in the traditional mainstream sense. Google App Engine and Amazon Web Services – Public Cloud | Private cloud or internal cloud is a cloud computing which is maintained and managed by the organization itself, and this cloud is used by most of the organizations. Microsoft and IBM Blue Cloud – Private Cloud | Hybrid cloud is a cloud computing environment in which an organization provides and manages some resources in-house (internally) and some of the resources are provided externally. IBM Blue Cloud – Hybrid Cloud | It is a cloud which shares the same infrastructure and a set of users, applications and set of services within the organizations. Logica – Community Cloud |
| Cost | Acceptable for small organizations, because maintaining/managing the larger infrastructure consumes more cost with public cloud. | The cost of private cloud is higher when comparing it with public cloud. It is acceptable for large scale organizations and it costs less because the infrastructure will be maintained by the organization itself. | The cost of hybrid cloud depends upon the services and applications used in public and private clouds of an organization. | The cost of the community cloud will be more than other clouds because the organization is using the infrastructure with all the users within the organization, where it is more secured. |
| Security | Public clouds are less secured when comparing them with private and hybrid clouds because the data will be hosted on a computer which is external. | Data and applications are more secured in private cloud because in private cloud the data and applications are maintained and managed by the internal firewalls of the organization itself. | Hybrid cloud is also secured because the important data and applications will be stored in the private cloud (internally). | Community cloud consists of a set of users, and the cloud system shared among the users is secured with different security levels and reliability requirements. |
| Flexibility | In public cloud, services and applications will be more flexible and users can access all the applications through and by the pay-per-use model. | Applications and services are flexible only to the organization's users, with more security, because private cloud is maintained by the organization itself. | Hybrid cloud is more flexible than the other two cloud environments, where the users can use and access both applications and services. | It is more flexible and can increase the resources like storage capacity, bandwidth and more according to the users in the organizations. |
| Performance | Performance will be less when compared to private, hybrid and community clouds because, as it is for public use, many users will be accessing applications online. | In private cloud, organizations can improve the performance by gaining quick access to data and applications. It has better performance than the public and hybrid clouds. | In hybrid cloud, performance will be neutral when you access applications and services through public and private cloud environments. | Performance depends upon the maintenance of the infrastructure in the organizations. |
| Functionality | Functionality of public cloud has more ability to respond to the application needs of external resources and provide high availability for critical applications. | It has better functionality of data and different private cloud applications with more security. | It has better functionality, in which it has advantages to move services to public cloud and it's easier for doing developing and testing on a private cloud. | Functionality depends upon the applications and services that are maintained by the organization, because the information is shared inside their organization. |

3.5 Benefits of cloud computing

Based on the detailed study of CC, we have listed some of the benefits of CC:

- Cloud computing is cheaper compared to other architectures, and services can be offered on a pay-per-use model. There is no need to buy and install expensive software or infrastructure needed by the organization, because these are already installed remotely online and can be accessed through the applications. In CC, organizations only need to pay for the services/applications when they need them [27].
- CC offers more flexibility compared to other architectures (like client-server, P2P and more). The staff of the organization can access the files and data that they need, even when they are working remotely from home or from a client's office. Organizations can work collaboratively on files and documents which can be viewed and edited from multiple locations [76].
- CC is dynamically scalable: organizations can access as much computing power as necessary on an hourly basis. In an organization the demand from internal users and external customers increases and decreases, therefore the necessary storage and network capacity can be added or subtracted on an hourly basis [27].
- It is highly automated. Software updates, server updates and other computing issues are performed automatically [27].
- In CC, there are many cloud providers that provide cloud services to different organizations. If a cloud provider is not delivering acceptable performance, an organization can move to another cloud provider which is offering better service at a lower price [37].
- Users in the Community Cloud will have a node (a connecting point at which several lines come together) on their machine which, when activated together with others in the community, exchanges resources by fulfilling service requests from other nodes. These service requests are as simple as instantiating an HTML page or executing a server-side script [43].

3.6 Limitations of Cloud Computing

From our literature study, we have listed some of the limitations of CC below, and each limitation is explained briefly:

- The main concern of CC is security. Many organizations do not host internal data on a computer that is external to their organization because of security issues [5].
- The cloud services provided by cloud providers may be unavailable for hours or days. Because of this, the applications may be offline until the problem is solved [17].
- A VPN tunnel is ideal if a laptop client wants to communicate with only one server. If the client wants to communicate with multiple servers, it is necessary to launch a VPN tunnel to each server. If a user wants to browse a Web site, he/she must frequently turn off the VPN because most Web servers do not support it. This problem can be solved by letting all traffic from a laptop client go through a company's VPN server [47].
- The Community Cloud is not owned or controlled by any one organization, and therefore not dependent on the lifespan or failure of any one organization. It will be robust and resilient to failure, and immune to the system-wide cascade failures of vendor Clouds, because of the diversity of its supporting nodes. When occasionally failing it will do so gracefully, non-destructively, and with minimal downtime, as the unaffected nodes compensate for the failure [43].
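For the VPN limitation in the list above, the following added example (not part of the thesis) shows what "letting all traffic go through the company's VPN server" changes on the client: it applies longest-prefix matching to two constructed route tables, one that tunnels only the company network (commonly called a split tunnel) and one that tunnels everything (a full tunnel). Interface names and addresses are assumptions chosen for illustration.

```python
import ipaddress


def build_routes(entries):
    """Turn (CIDR, interface) pairs into a route table."""
    return [(ipaddress.ip_network(cidr), iface) for cidr, iface in entries]


def egress_interface(routes, destination):
    """Longest-prefix match, as an IP stack does: the most specific route wins."""
    addr = ipaddress.ip_address(destination)
    matches = [(net, iface) for net, iface in routes if addr in net]
    if not matches:
        return None  # no route to this destination
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def outside_tunnel(routes, destinations, tunnel_iface="tun0"):
    """Destinations reached directly over the local network, not via the tunnel."""
    return [d for d in destinations if egress_interface(routes, d) != tunnel_iface]


# Constructed addresses (private and documentation ranges) and interface names.
INTERNAL_SERVER = "10.20.5.9"     # server on the company network
PUBLIC_WEB_SITE = "203.0.113.80"  # arbitrary Internet web site
VPN_GATEWAY = "198.51.100.7"      # public address of the company's VPN server
DESTINATIONS = [INTERNAL_SERVER, PUBLIC_WEB_SITE, VPN_GATEWAY]

# Tunnel used only for the company network; everything else leaves directly,
# outside the company's firewall, proxy and logging.
SPLIT_TUNNEL = build_routes([
    ("0.0.0.0/0", "wlan0"),
    ("10.20.0.0/16", "tun0"),
])

# All traffic goes through the company's VPN server. The host route to the
# gateway stays on the physical interface so the tunnel packets can leave.
FULL_TUNNEL = build_routes([
    ("0.0.0.0/0", "tun0"),
    ("198.51.100.7/32", "wlan0"),
])

if __name__ == "__main__":
    print("split tunnel, outside:", outside_tunnel(SPLIT_TUNNEL, DESTINATIONS))
    print("full tunnel, outside :", outside_tunnel(FULL_TUNNEL, DESTINATIONS))
```

The same check can be run against a client's real route table to confirm that only the VPN gateway itself is reachable outside the tunnel.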

3.7 Selection of sources

The objective of this section is to select the literature in which the primary studies are discussed. The source selection criteria and definitions are:

- We will use peer-reviewed articles, keyword searches on web search engines and the references used in the articles for performing the literature study.
- We will use a general method to achieve the goal: reading the articles, understanding the concepts and writing about the study.
- Through this general study we will identify the input for performing the empirical study.
- From the results of the literature study and the empirical study we will design a new cloud model for SWAF.

Referring references used in the articles

We selected only English-language articles through web search engines. The most used sources for gathering information are books, search engines, white papers and grey literature. The following list contains the search engines which were used to find the articles.

- ACM Digital Library
- IEEE Computer Science Digital Library
- Springer Link
- Science Direct
- Engineering Village

We searched the listed search engines using keywords. For selecting the initial set of literature, the abstracts of the papers were read. To refine the selected studies, the full texts were read.

3.8 Summary of Literature study

For performing this literature study we collected various articles by consulting peer-reviewed articles and empirical studies, searching with keywords on web search engines and following the references used in the articles. Search engines, books, grey literature and white papers are identified as the sources of information. We used the following search engines to find the articles:

- ACM Digital Library
- IEEE Computer Science Digital Library
- Springer Link
- Science@Direct
- Engineering Village

- Public Cloud - Provides services to the general public. It is used in small scale and medium scale organizations.
- Private Cloud - A setup within the organization's internal datacenters. It is used in medium scale and large scale organizations.
- Hybrid Cloud - Scalable resources and virtual applications provide virtual IT solutions through a mix of both public and private clouds. This environment is mostly operated at large scale organizations.
- Community Cloud - Instead of acquiring and managing its own physical infrastructure, a community defines a virtual Information and Communication Technology (ICT) infrastructure.
- Cloud computing has new services (SaaS, PaaS, IaaS), which provide benefits such as cost reduction by use of the pay-per-use model, high availability by activating the routing to split the traffic between the multiple servers and failure servers, scalability by distributing the work of the application/resources across multiple servers in order to serve more users, and reliability by measuring the fault tolerance and by making the data available over the internet, where it can be accessed through any web browser.
- Infrastructure as a service is an IT solution which tackles the hardware concerns (like reducing infrastructure cost, maintenance of different resources and security) of an organization. IaaS providers will provide hardware components like servers, processors, storage capacity, memory capacity, firewalls and load balancing to the users. It also minimizes the need for huge investment in computing.
  Example: Amazon Web Services, GoGrid
- Platform as a Service provides the entire infrastructure needed to run applications over the internet. PaaS providers will provide a full stack including an operating system, programming language, security, storage, version control, collaborative tools and tools to build web interaction. It offers a faster and cost-effective model for application development and delivery.
  Examples: Google App Engine, Windows Azure
- Software-as-a-Service is offered/consumed over the internet with minimal or no software installation required for access. DaaS is mostly not considered because the service providers offering SaaS are also offering a layer known as DaaS.
  Examples: Salesforce.com, AT&T and Media Temple.
- A VPN (Virtual Private Network) is a private network on a public network infrastructure (the Internet); this connectivity is used for connecting to a private local area network at a remote location. It is frequently used in organizations with remote offices to share network resources and private data.
  Example: To connect employees to their organization's intranet.
- We have included and excluded many articles during the study. Many articles were studied but excluded, as they were not related to the research topic.
- The article written by Anya Kim et al. [2] completely fits into this research work. They have proposed a national security hybrid cloud architecture that consists of private clouds for sensitive information; public clouds for information gathering and dissemination of public information; and community clouds for information sharing and collaboration needs.

CHAPTER 4

RESEARCH METHODOLOGY

Research is a systematic way to find solutions to problems. Qualitative, quantitative and mixed methods are the basic types of research methods. In this chapter, the methods used to accomplish the work are presented, together with the process of the survey and interviews.

4.1 Research Design

The research approach used in this thesis is the mixed research method, which is based on both qualitative and quantitative methods. Quantitative research involves the collection of data so that the information can be quantified and subjected to statistical treatment in order to support or refute “alternate knowledge claims” [64]. In our thesis, we conducted a statistical survey with a questionnaire put to the organization's experts in cloud computing, and by analyzing the results from the CC experts we will suggest a quantitative solution for SWAF. Shank [66] defines qualitative research as “a form of systematic empirical inquiry into meaning”. By systematic, it means “planned, ordered and public”, following rules agreed upon by the members of the qualitative research community. By empirical, it means that this type of inquiry is grounded in the world of experience. Inquiry into meaning says researchers try to understand how others make sense of their experience. In our thesis, the data is collected as text by conducting the empirical study (survey (open-ended questions) and interviews) on CC, cloud environments and cloud services. We will conduct direct interviews (face-to-face interviews) and indirect interviews (telephone interviews), for which we prepared a questionnaire based on our research questions.

During the literature review, related research on CC was studied, focusing on different cloud environments (public cloud, private cloud, hybrid cloud and community cloud) and cloud services (IaaS, SaaS and PaaS). Different material was used during the literature review, such as:

1. Conference papers

2. Journal and articles

3. Online websites

Also the main selection of sources is described in section 3.7.

Figure 4: Research methodology used in our thesis


We designed the research of our thesis study as described in Figure 4. The requirements Performance, Security, Cost, Flexibility and Functionality were collected from SWAF (section 2.3) by conducting an interview with the external supervisor and were then used as the input for our research. We began our work by addressing the research questions (RQ1 and RQ2), and as an initial step of the research we performed the literature study. During this qualitative research, we studied different cloud environments, cloud services with examples and security measurements, and compared the different cloud environments and services with respect to the requirements given by SWAF. This study also helped us to start our empirical study by framing the questionnaires for the interviews and survey. As a part of the quantitative research we surveyed and interviewed companies that use and that do not use cloud computing. By conducting the survey and interviews in parallel with the literature study, we suggested the suitable cloud environment and services for SWAF. Finally, we proposed a new cloud model based on a different set of security requirements (section 6.1) from SWAF, the literature study and the suggested cloud environments and services. The research methodology and research process of this project are described in Table 5.

By analysing the data collected from the survey and interviews we will suggest a suitable cloud environment from public, private, hybrid and community clouds based on different parameters like cost, security, scalability, flexibility, performance and functionality of CC for SWAF. We will design a model in the suggested cloud environment by considering requirements like data transfer, storage, security and communication for SWAF.

Table 5: Mapping of Research Process and Research Methodology

| Research Process | Research Methodology |
|---|---|
| Literature Review. Answers: RQ1 and RQ2 | Literature review helps in gathering information, and we have found the related reports on CC and different cloud environments (public, private and hybrid clouds). It also helps to find the relevant data on cloud services. The literature study has been done on the cloud computing environments, which are explained in section 3.2, and services such as IaaS, SaaS & PaaS, whose features and service offerings are explained in section 3.4. Based on this literature study we prepared the questionnaire for the survey and interviews. |
| Survey. Answers: RQ1 and RQ2 | The survey is conducted for the purpose of identifying the cloud environment and services most frequently used by the organizations. The survey questions were generated after the literature study. It is explained in detail in Section 5.1. |
| Interview. Answers: RQ1 and RQ2 | The interview is conducted for the purpose of identifying and gathering opinions from IT experts on cloud environments, services and limitations of CC. We conducted both direct (face-to-face) and indirect (telephone) interviews. These interviews help us to answer RQ1. As it is a semi-structured interview, more questions were extracted from the prepared questionnaire [Appendix 2] to get overall knowledge of the topic. The interview conducted with each organization is explained in Section 5.2. |

Design Science Research Method (Build and Evaluate): We used the design science research method for designing a cloud model. We will propose a new cloud model after answering RQ1 and RQ2. This proposed cloud model will be evaluated by the advisors at SWAF. After that, the cloud model will be improved with their suggestions.

4.2 Survey Process

A survey is a non-experimental, descriptive research method [67]. It is used when a researcher wants to collect data on phenomena that cannot be directly observed. Our survey was conducted to identify the cloud environments and services most frequently used by organizations. Based on this survey, we will suggest a suitable cloud environment for a large-scale organization (SWAF).

4.2.1 Survey Objective

The goal of our survey is to gather the information on cloud environments (public, private, and

hybrid clouds) and cloud services from different organizations that are using CC and evaluate the

cloud environment that could be suitable for SWAF. The goal of the survey can be achieved by

collecting the opinions and experiences of the participants on the different aspects such as flexibility,

performance, security, cost and functionality of different cloud environments.

4.2.2 Survey Preparation

For the survey, a set of questions was prepared based on the literature study of cloud environments and cloud services. The questions are based on the requirements specified by SWAF, such as performance, cost, security, flexibility and better functionality of cloud environments. Initially we prepared nearly 10 questions, which were extended to 18 questions based on suggestions from our academic and SWAF supervisors. On average, it takes 20 minutes to answer the survey. Before publishing the survey link online, we acted as participants in a pilot test to determine the time a participant needs to answer the survey, and accordingly we changed some questions in the questionnaire and the layout of the survey. The questions cover CC and the requirements of cloud environments, and a few questions concern the priority of cloud environments. There are also questions on the motivations for organizations to shift to a cloud computing architecture from their previous architecture (such as client-server, P2P and many more). To approach the organizations, our academic supervisor provided a covering letter stating our names and a short description of our thesis topic.

4.2.3 Survey Participants

The survey was conducted online with different organizations that are using CC. The link to the survey (https://www.kwiksurveys.com?s=IMKKON_efa9e4bf) was sent by e-mail to 20 participants, cloud experts in different organizations, and was also published in social networking forums. With the covering letter from our supervisor, we also approached some organizations using CC and CC services, such as Oracle, Swedbank, TCS, IBM and Sun Microsystems. Oracle is an open and integrated hardware and software organization; the survey was conducted with a CC expert in the IT department working as a database analyst. Swedbank is a bank; the online survey was sent to a developer in the IT department. Tata Consultancy Services (TCS) is an IT services, business solutions and outsourcing organization; the survey was answered by an IT manager with good experience in CC. IBM is an information processing organization with thousands of technologies; the survey was conducted with a system developer who has experience in CC. Sun Microsystems is a multinational vendor of computers, computer software and hardware, and information technology services; the survey was answered by a system developer. Later, we also published the survey link online in social networking forums like LinkedIn.

4.2.4 Execution

As it was an online survey, the link to the survey was mailed to different cloud experts (participants) working at different organizations. Of the 20 participants, 14 responded to the survey. Among these 14 participants, 11 responded through e-mail and 3 answered through social networking forums. The analysis of the survey results is based on these 14 answers and is explained in chapter 5.

4.3 Interview Process

As part of our research we conducted direct and indirect interviews to gather qualitative information [64]. The purpose of the interviews is to learn the interviewees' opinions about CC, the limitations of CC, and the other architectures currently used in their organizations (such as client-server, P2P and more). There are different types of interview structure: structured, unstructured and semi-structured. A structured interview uses a limited set of questions and gets specific answers related to the prepared questionnaire. An unstructured interview is flexible and allows new questions (other than the prepared questions) to be brought up during the interview, depending on the interviewee. A semi-structured interview is a mix of the structured and unstructured forms. In our research we used semi-structured interviews, in which we asked further questions based on the prepared questionnaire.

4.3.1 Interview Objective

The goal of our interviews is to learn the opinions of the IT experts of the interviewed organizations on cloud environments, services and limitations of CC. From these interviews, we will also find the pros and cons of CC from the organizations that are using other architectures.

4.3.2 Interview Preparation

From the detailed study in our literature review, we decided to conduct direct and indirect interviews with organizations using CC and organizations using other architectures such as client-server, P2P and more.

For the direct (face-to-face) and indirect (telephone) interviews, a set of 9 questions was prepared. The interview topics were sent to the interviewee before the day of the interview so that the interviewee could prepare well in advance. Before conducting the interviews, a covering letter was written by our academic supervisor (as specified above) to approach the organizations. With this covering letter we approached the organizations and got appointments for the interviews. The prepared questionnaire for the interview is based on CC and different architectures (such as client-server, P2P and more).

4.3.3 Interview Participants

We conducted interviews with different organizations by approaching them with a covering letter given by our supervisor. We got appointments with some organizations, such as Accenture, City Network Hosting (CNH), Sandvik and ST Ericsson, to conduct the direct and indirect interviews. Interviewee 1 works at Accenture as a Research Analyst in cloud computing; the company works on global management consulting, technology and outsourcing services. Interviewee 2 works at City Network Hosting (CNH) as a Computer System Engineer; CNH is a leading provider of hosting services and offers a Service Level Agreement (SLA) with a 100% uptime guarantee (according to the interviewee). Interviewee 3 works at Sandvik AB as an IT Manager; the company is in mining and construction. Interviewee 4 works at ST Ericsson as a Technician; the company works on mobile communications. Before conducting the interviews, we did a pilot test to determine the time a participant needs to answer and to test the understandability of the questions. Based on the pilot test we made corrections and improvements to the questions.

4.3.4 Execution

The interviews were conducted with four organizations, covering CC and other architectures. In the direct interviews, the data was collected by taking notes on paper, and the time taken for conducting an interview was 30 minutes. Each interview was conducted by 2 interviewers with one interviewee (from the IT department) of the organization. The main focus was to learn the interviewee's opinions on CC, cloud environments and drawbacks of CC. The main points were taken from the empirical study and discussed.

4.4 Instruments Used during the Survey and Interview study

For conducting the survey and interview study, we used a covering letter from the university, a questionnaire for the survey (Appendix2) and a questionnaire for the interviews (Appendix3). The description of each instrument and the time needed for it are given in Table 6.

Table 6: Instruments used in our research

| Instrument Name | Description | Time needed |
|---|---|---|
| Questionnaire for survey | Questionnaire to be filled by participants | 20 mins (For each participant to answer) |
| Questionnaire for interview | Questionnaire to be answered by the participants | 25 mins (For each interview) |
| Results of survey (including interviews) | Results are explained in the form of graphs | Depends upon results |

4.5 Threats to Validity

This section describes the possible threats to the validity of the empirical study (survey and interview study) during the research: internal validity, conclusion validity, construct validity, external validity and reliability. We explain the possible threats to the validity of the survey and interview study and how we minimized them.

Threats to validity for Survey: Because the number of articles we collected was limited, the data related to the topic might not be sufficient for preparing the questionnaire, and we might miss important data from other articles; this is a threat to internal validity. To overcome it, we collected all the articles related to our research and prepared a questionnaire for conducting the survey with the CC experts of different organizations.

The number of participants in the survey may not be enough to generalize the results. This is a threat to the conclusion validity of the evaluation results. To minimize this risk we approached more CC organizations to answer our survey.

During the preparation of the questionnaire, the questions and words may not have been framed correctly, which is a possible threat to construct validity. As it is an online survey, participants may give wrong answers because they misunderstand the questions. To overcome this threat, after the questionnaire was finished all the questions were reviewed by the supervisors and changed accordingly, so that the questionnaire would be understandable for the participants in the survey.

After finishing the questionnaire for the survey, we started approaching the organizations. We found a threat to external validity in finding organizations that use CC and their cloud experts. To overcome this threat, we used references from our supervisors and colleagues to approach the organizations' cloud experts and completed our survey.

Reliability examines the stability and consistency of the approach used by the researchers. Sometimes the results are not what we expected; this occurs when a participant answers the survey without knowledge of the topic. To overcome this situational reliability threat [65], we approached organizations using cloud computing rather than persons without knowledge of cloud computing. Reliability is measured by simplifying the results given by the participants.

Threats to validity for Interview study: In our research we conducted both direct and indirect interviews, in which we found some threats to validity: external validity, construct validity and reliability.

Interviews were conducted with organizations using CC and organizations not using CC. We found it difficult to prepare the questionnaire for the interviews because we needed to frame questions for both kinds of organization. To overcome this threat to construct validity, we referred to more articles and framed the questions accordingly.

In our interview study we found a threat to external validity in contacting the organizations not using CC and approaching a particular person from each organization for an interview. To minimize this threat, we used references from our supervisors to approach the organizations.

Sometimes the low quality of the interview phone calls and/or the difficulty of understanding the interviewee's accent could lead to a threat of misinterpreting the interview information. To mitigate this instrument reliability threat (concerning the research instrument we used) [65], we recorded the interviews and listened to them again.

CHAPTER 5

RESULTS OF THE EMPIRICAL STUDIES

This chapter is dedicated to the results of the survey and interviews conducted in this research. The

sections CC environments and cloud services will present the quantitative data from the survey and

qualitative data collected from interviews. This chapter also contains discussion section, based on the

analysis of the results of the survey and interviews and also the discussion for suggesting the cloud

environment.

5.1 Results of the Survey

The online survey conducted in this research consists of 18 questions, which have been prepared

based on the research questions and the requirements (cost, security, flexibility, performance and

functionality) suggested by SWAF. Each question in the survey will provide a possible and suitable

solution for suggesting the best cloud environment to SWAF. An excerpt of the online survey is

shown in figure 5.

Figure 5: Excerpt of the online survey

In this survey, the questions are formed according to the goals of SWAF. As it is an online survey, the link to the survey was distributed to many organizations that are using CC, and 14 cloud experts from different organizations responded. Some of the participants that responded to our survey are described in section 4.3.3. Other participants responded because our survey was published on social networks like LinkedIn. Due to secrecy requirements we cannot reveal the names of the participants and of a few organizations. Of the 14 participants, almost 9 answered all the questions, but 5 answered only 12 questions in the survey. This may have been caused by misunderstanding of the questions. Below are the analysed results from the different organizations, explained in separate sub-sections on CC and cloud services.

Employees working on CC: As CC is used by small, medium and large organizations, there may be only a few employees working on it in an organization. Therefore, the first question asks for the number of employees working on CC in the particular organization. In general, CC may be used by small organizations, where between 10 and 50 employees may work on it. There are also some large organizations using CC and providing services to different organizations; in these, more than 200 employees can be working on CC.

One of the questions asked in the survey is, 'How many employees are working on cloud computing in your organization?' Table 7 presents the number of employees working on CC in the particular organizations.

Table 7: Employees working on CC in the Organizations

| No. of Employee | No. of Participants Answered | Total % |
|---|---|---|
| 1 to 10 Employee | 3 | 33.33% |
| 10 to 50 Employee | 2 | 22.22% |
| 50 to 100 Employee | 1 | 11.11% |
| 100 to 200 Employee | 1 | 11.11% |
| 200+ Employee | 2 | 22.22% |

Benefits of CC: With the CC architecture, many organizations gain more benefits (such as cost effectiveness, better functionality, flexibility and more) compared to other architectures. Therefore, many organizations use CC, and organizations that are not using CC are shifting to it because of these benefits. Nine participants answered this question, and eight of them are more satisfied with the benefits of CC compared to other architectures. One participant is not satisfied with CC, giving 'security' as the reason (because if the services are provided by cloud service providers, the data of the organization will be maintained by the provider, so the data can be hacked by third-party users). Many other architectures, such as client-server, P2P and Grid, have been used by the organizations that answered our survey. But after learning the benefits of the CC architecture, 60% of the organizations have shifted to it. From the answers given in the survey, 6 participants shifted from 'client-server architecture and dedicated servers' to CC and 3 participants have been using CC from the launch period.

Reasons for shifting to CC architecture: There are many reasons (such as the pay-per-use model, good performance, flexibility, security, data centres, storage capacity and more) for organizations to shift from client-server, P2P or Grid architecture to CC architecture. A question in the survey asks participants to rate the reasons for shifting to CC architecture. Figure 6 shows the ratings given by the participants. According to their answers, the main reasons for shifting to CC architecture are reducing administration cost (20%), reducing hardware infrastructure cost (18%), data centres and storage capacity (18%) and flexibility (15%), followed by availability (9%), performance (5%), pay-per-use model (7%) and security (6%). Participants also gave other reasons, such as:

'Pay by Hour and provided security is guaranteed'

Figure 6: Rating the reasons for shifting to CC architecture

Selection and reasons of Cloud environments: The sub-sections above were related to the CC architecture. This sub-section presents the answers given by the participants on cloud environments such as public cloud, private cloud and hybrid cloud. The question asked is 'Which cloud environment is used by the organization?' Participants selected the cloud used by their organization, and Figure 7 shows the use of public, private and hybrid clouds by the different organizations. Public and private clouds are equally used by the organizations, and hybrid cloud is used by only one organization. Hence, selecting the cloud environment depends upon the applications and services used by the organization.

Figure 7: Usage of Cloud Environments

Participants also explained why the particular cloud is used by the organization. Here are the reasons

given by the different participants:

I think Unisys needs to be visible to gain clients, so they would have much gain from public

cloud. Mobile Technology, R&D is main part & in Today's Environment.

It is very important for security. Flexibility - To be able to power on and off or add new or

remove old hardware in an instance.

Reduce IT admin cost and less infrastructure costs.

Better service for the clients at a reduced price.

Easy and cost effective.

Because of Customers demand and Security private is used.

Priority of cloud environments and cost of public, private and hybrid cloud: Though the organizations are using a particular cloud, they also give priority to other clouds. Participants were asked to prioritize the clouds according to their opinion and knowledge. Figure 8 represents the priority of each cloud according to the answers of the participants. Public and private clouds have the 1st priority with 32%, hybrid cloud has 27%, and the other cloud mentioned by participants is community cloud, chosen by 9% of participants. Participants were also asked about the cost of computing in the different cloud environments, but only the cost of public cloud was given, by three participants from different organizations. The cost of public cloud according to the participants is:

Participant 1 (Medium Organization) - 130-2500+ Kr/Month

Participant 2 (Small Organization) - $250/Month

Participant 3 (Large Organization) - $1200/Month

Figure 8: Priority of cloud environments

Factors of public, private and hybrid clouds: According to SWAF, the important factors to be considered when deciding the cloud environment for an organization are security, cost, performance, flexibility and better functionality. For survey questions (SQ) 10, 11 and 12 we used the ranking method. The five factors (Security, Cost, Functionality, Flexibility and Performance) are the inputs given by SWAF; we used these inputs in our survey to identify how organizations select the cloud environment, by having participants rank each factor according to their opinion and experience. Table 8 describes the ranking factors in detail.

Table 8: Values for the factors according to the rank scale

The factors above are not uniform; each has a different meaning on the scale. If cost is rated very important, that corresponds to cheap cost. If security is rated unimportant, that corresponds to a low security feature. Some participants (survey respondents) did not select the option 'Hybrid cloud' because they gave ratings based on their current and existing system. This all depends on the participant's understanding.

Example: Assume the following answers from Organization 1 to the Survey Questions (SQ); refer to Appendix1 for the survey questions.

SQ10: Security=3; Cost=4; Functionality=2; Flexibility=4; Performance=5;

SQ11: Security=2; Cost=3; Functionality=4; Flexibility=2; Performance=5;

SQ12: Security=4; Cost=5; Functionality=5; Flexibility=3; Performance=3;

In this scenario the participant says that, Security is normal, cost is low, functionality is low,

flexibility is high and performance is very high for public cloud (SQ10); Security is low, cost is

moderate, functionality is high, flexibility is low and performance is very high for private cloud

(SQ11); Security is good, cost is very low, functionality is very high, flexibility is moderate and

performance is very high for hybrid cloud (SQ12).

Figures 9, 10 and 11 show the participants' ranking of the factors of each cloud environment.

| Factors / Scale | 1-Very Unimportant | 2-Unimportant | 3-Neutral | 4-Important | 5-Very Important |
|---|---|---|---|---|---|
| Security | No Security | Low Security | Normal Security | Good Security | Very good Security |
| Functionality | Very Low | Low | Moderate | High | Very High |
| Cost | Very High | High | Moderate | Low | Very Low |
| Performance | Very Low | Low | Moderate | High | Very High |
| Flexibility | Very Low | Low | Moderate | High | Very High |

Figure 9: Rating for the factors of public cloud

Figure 10: Rating for the factors of private cloud

Figure 11: Rating for the factors of hybrid cloud

According to the ratings of cloud environments, hybrid cloud is preferable for the organizations. By using hybrid cloud, an organization's data can be secured in the private cloud, and the cost depends upon the computing (internal or external resources), with good performance, flexibility and better functionality. The reasons for the preference for hybrid cloud are described in the following question.

Importance of hybrid cloud: From the above analyses, most of the organizations are using private and public cloud environments. But nowadays a few organizations also prefer the hybrid cloud environment, which is a mix of both public and private cloud. By using hybrid cloud, an organization can use internal and external resources. The question asked of the participants is whether the organization will shift to the hybrid cloud in future if necessary. 38% of the participants would like to shift to the hybrid cloud and 62% answered that they will not shift to the hybrid cloud. Participants gave reasons for shifting to the hybrid cloud, such as:

Security (This means hybrid cloud is more secured than the private and public clouds)

The ability to use your software and saved files with different servers would be strong factor

Some services can be provided some resources internally while choosing to outsource some

externally.

Selections and reasons of cloud service models: The previous sections described CC and cloud environments. There are also three different cloud service models, Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS), as described in sections 3.3.1, 3.3.2 and 3.3.3. Many organizations are outsourcing different services to cloud service providers. The question asked of the participants is 'What are the services used by the organization?' Analysing the results, IaaS and SaaS are mostly used and PaaS is used by only a few organizations. Figure 12 shows the usage of the different service models in the cloud computing companies.

Figure 12: Usage of Cloud Service Models

Participants have given the reasons for the selected services:

Because this is what the service providers can provide without outsourcing. Service providers

have to get the software from Microsoft

The ability to have full control and add what I want

We are a software service providers, so SaaS suits our offerings

Customers requirement

Standardization, Business process Management(BPM)

IT services/applications to be outsourced from cloud providers: When an organization outsources a service from a service provider, it can choose which IT services/applications it prefers. Examples of IT services are mail servers, knowledge management infrastructure, electronic record service, payroll, human resources, Supply Chain Management (Logistics), Accounting and Finance, Project Management and many more. Some of the IT services and applications were ranked by the participants depending on whether they are used in their organization. Figure 13 shows the percentage of each IT service/application used by the participants in their organizations. One of the participants specified another service, 'Web servers'.

Figure 13: Rating for IT Services/Applications to be outsourced by Cloud Providers

5.1.1 Summary of the survey

This survey has been conducted with organizations to know the use of CC, cloud services and cloud

environments such as public, private, community and hybrid cloud environments based on

parameters like cost, security, performance, flexibility and functionality. By analysing the survey, we

found that most of the organizations have shifted to CC architecture and many organizations are

using private and public cloud environments. But most of the organizations prefer to shift to the

hybrid cloud environment because of more functionality. And other reasons for shifting to CC

architecture are reduce administration cost, reduce hardware infrastructure cost, data centres and

storage capacity, flexibility and availability, performance, pay-per-use model and security.

According to the ratings given to factors of different cloud environments, private cloud (figure 9) is

mostly used because of security, flexibility and performance. But, few of the organizations prefer

public cloud environment (figure 10) because of low cost, flexibility and security. Based on the

ratings of the factors of cloud environments, hybrid cloud is better than the public and private clouds.

Hybrid cloud (figure 11) is preferred because of security, cost, performance, flexibility and its better

functionality. Organizations are also ready to move to hybrid cloud environment which is a mix of

both private (internal) cloud and public (external) cloud. By using hybrid cloud environment, the

organization can provide some resources internally and can also choose to outsource some resources

externally.

Most of the organizations need to outsource SaaS and IaaS from different cloud service providers. Besides SaaS, PaaS and IaaS, the participants in the survey suggested some other applications or services that could be outsourced from cloud providers, such as mail servers, supply chain management, payroll, web servers and many more.

5.2 Results of the Interview study

As described in section 4.4.1, interviews were conducted with organizations that use CC and organizations that do not. We also considered the interviews with organizations not using CC in order to find the limitations of the CC architecture. It was a difficult task to find organizations for the interviews, but we succeeded in finding the four organizations described in section 4.4.3. Interviewees were asked about the architecture used in their organization and their opinion of cloud environments and cloud services. The organizations that are using other architectures (such as client-server, P2P and more) were asked about the limitations of the CC architecture. Below are the interview questions and results, explained for each interviewee.

Is the organization using cloud computing? If not, what is the other architecture the

organization is using?

Organizations use different architectures such as CC, client-server, P2P, grid and many more [21]. The interviewees described the architecture used by their organization. Interviewee 1's organization uses CC architecture with a hybrid cloud environment, and it is also a cloud provider, cloud implementer and cloud consumer, providing services to different organizations. Interviewee 2's organization uses CC architecture with a private cloud environment, and it is one of the leading providers of hosting services. Interviewees 3 and 4 are not using CC architecture at present; the architecture used by them is client-server.

If the organizations are using other architectures, is it useful than CC? If yes, what is the

reason?

Different architectures are used according to the requirements of the organizations, and the interviewees gave different reasons for the architecture they use. Interviewees 1 and 2 say that the CC architecture they use is better and more useful than other architectures because it is more flexible, performs well, and is cost effective and secure. Interviewee 3 says that, since they use client-server architecture, it depends on the satisfaction of the customers, and the applications needed by the organization may change according to the customers. Interviewee 4 says that the organization uses client-server architecture because of the demands of its customers, and that it is a client of Unisys and HP, which maintain the entire infrastructure.

Why is the organization not using CC? Do you find any drawbacks in CC?

There are many benefits to using the CC architecture, and there are also some drawbacks. As interviewees 1 and 2 are using CC architecture, they did not find any drawback in CC. Interviewee 3 says that the main reasons the organization has not moved to CC are the security issue and failures in the cloud (when using services from different cloud providers). According to interviewee 4, it may be possible to move from the client-server architecture to CC, but because of other demands from the organization and from the clients, they have not yet decided to change architecture.

There are some parameters in CC (like scalability, flexibility, security, performance and cost) with which organizations are more concerned. Can you see these parameters in the architecture used by your organization?

According to interviewees 1 and 2, the CC architecture is used because of its flexibility, security and performance, and because it reduces the cost of infrastructure. According to interviewee 3, security is an important attribute for sensitive information, i.e., the details of the products, quality and more are maintained and managed by ERP (Enterprise Resource Planning), which assures more security of Sandviken. ERP integrates internal and external management information across an entire organization, such as finance/accounting, manufacturing, sales and services. The data and applications are well secured within the organization behind the firewalls. But the cost of ERP is higher than that of CC architecture, because the organization itself must maintain the entire infrastructure, the servers, and different services like network, storage and more. Interviewee 4 says that the applications and services are scaled according to the users and that, as the organization uses client-server architecture, the data is maintained securely inside the organization.


Are the data centres and services like IaaS, SaaS, PaaS maintained and managed by the

organization itself?

Data centres depend upon the size of the organization. As we interviewed large organizations with more than 200 employees, all the organizations maintain and manage their own data centres. Interviewee 1 says that, since he works in a large organization, data centres and services are maintained by the organization itself, which also provides services (as a service provider) to different organizations. Interviewee 2 also said that the data centres and services are maintained by the organisation, which also acts as a cloud service provider. According to interviewee 3, the services depend upon the projects given by the clients. According to interviewee 4, since the company is a client of Unisys and HP, data centres and services are maintained by Unisys and HP.

If you prefer CC for your organization, which cloud environment (public cloud, private cloud

or hybrid cloud) do you prefer? Why?

As there are different cloud environments, the preferred cloud environment depends upon the applications and services used by the organization. According to interviewee 1, most organizations prefer private cloud, but organizations that want to use external resources may also prefer hybrid cloud. The organization of interviewee 1 therefore uses hybrid cloud, because it uses and provides both internal and external resources. According to interviewee 2, small organizations prefer the public cloud environment, mainly because of lower cost (purchasing own servers, maintaining hardware and software, power consumption and maintenance problems, recruiting more technicians for maintenance) and flexibility (being able to power on and off, or add new or remove old hardware, in an instant). According to interviewee 2, large organizations prefer the hybrid cloud environment because it combines both private and public services for an organization. Interviewee 3 says that it depends on the applications and services used by the organization. Interviewee 4 prefers a private cloud environment in future because it is a mobile organization, and thinks that hybrid cloud could only be used by large-scale organizations using external resources.

What is your opinion on hybrid cloud?

According to all interviewees, hybrid cloud could be used by large organizations, where they can use both internal (private) and external (public) services securely. Hybrid cloud is more flexible and has higher performance when compared to public and private cloud environments. Interviewees 3 and 4 may shift to hybrid cloud in future, because the financial applications, administration and confidential data can be managed internally in private cloud, while other applications which are used by the clients can be managed externally in public cloud.

What is your opinion about cloud services that are provided by different cloud providers?

Nowadays there are many cloud service providers like Microsoft, Google, Amazon and more. All the providers offer services that could be used by organizations. The interviewees stated different opinions on cloud service providers. The organizations of interviewees 1 and 2 are cloud providers and provide different applications, infrastructure as a service, software as a service and business processes to achieve high performance. By using the services of cloud providers, organizations reduce their cost, and the services are well maintained and managed by the providers. Interviewee 3 states that there is a disadvantage to the services, i.e., the organization cannot trust all the cloud providers, because there may be a break in the cloud services and the organization has to wait until the problem is solved by the provider. Interviewee 4 says that, according to his knowledge of cloud service providers, these are most useful, cost effective and flexible.


Will the organization shift to CC in the future?

This was asked of the interviewees who are not using CC architecture. Interviewees 3 and 4 state that shifting the architecture depends upon the customers and the employees working in the organization. Therefore, depending on the structure of the organization and its applications and services, they may shift from client-server architecture to CC architecture.

Has the organization been using the CC architecture since its launch period?

As CC is a new architecture, there may be organizations shifting from other architectures to CC. Interviewee 1 says that his company used client-server architecture from its launch period, but has now shifted to cloud computing because of flexibility, access to data by a pay-by-hour method, performance, reduced IT administration cost and reduced hardware infrastructure cost. Interviewee 2 says that they have been using CC architecture since the launch period of the organization.

What are the cloud services used and provided by the organizations?

The organizations of interviewees 1 and 2 are cloud service providers, and they provide some services to different organizations. Interviewee 1 provides and uses SaaS (Windows 2008 Data centre, MySQL, MS-SQL, etc.), IaaS (CPU, memory and storage, etc.) and PaaS (operating system, programming language, security, storage, version control, etc.). They maintain all these services in public cloud, because the cost of computing is nearly 250-400 SEK/month, comparatively less than in other environments. In terms of security, they also have their in-built firewall for protecting the data. City Network Hosting (CNH) is one of the leading providers, with more than 10,000 customers getting service from CNH. Accenture also provides services like infrastructure, business process applications and SaaS to different organizations through public cloud. Interviewee 2 also provides IaaS, SaaS and DaaS (Database as a Service) for several organizations.

5.2.1 Summary of the Interviews

In our interviews, two organizations were using CC architecture and the other two were using client-server architecture. According to the interviewees, public clouds could be more useful for small organizations, because they can outsource the infrastructure, which could be cost effective and is maintained by the service provider. Private cloud could be more useful for large organizations, where the CC infrastructure can be used by more users and can be maintained and managed by the organization itself. According to the results of the interviews, some of the organizations will shift to the hybrid cloud environment in future, depending upon the organization's applications. All interviewees specified that the hybrid cloud environment can be used by organizations using external resources and by large-scale organizations. One of the interviewed organizations is using hybrid cloud, where the financial applications and administration data are managed internally in private cloud and the applications used by clients are managed externally in public cloud. The limitations given by two interviewees are security and breakdowns in the cloud, and they may not shift to CC architecture due to the demands of clients. Table 9 below summarizes the main questions and answers of the interviews.


Table 9: Interview results

Kind of architecture used
  Interview 1 (Accenture): CC architecture
  Interview 2 (CNH AB): CC architecture
  Interview 3 (Sandvik AB): Client-server architecture
  Interview 4 (ST Ericsson): Client-server architecture

Requirements of the CC architectures
  Interview 1 (Accenture): Cost, scalability, flexibility, performance, security
  Interview 2 (CNH AB): Better functionality, less cost, reduced infrastructure, flexibility, security and performance
  Interview 3 (Sandvik AB): Security and data are maintained by ERP (Enterprise Resource Planning)
  Interview 4 (ST Ericsson): Applications and services are scaled according to the users and security

Data centres and services maintained by own organization
  Interview 1 (Accenture): As it is a large organization, data centres and services are maintained by the organization itself, which also provides services (service provider) to different organizations
  Interview 2 (CNH AB): Data centres and services are maintained by CNH, which also acts as a cloud service provider
  Interview 3 (Sandvik AB): Data centres are maintained by Sandvik and services depend upon the projects
  Interview 4 (ST Ericsson): Data centres and services are maintained by Unisys and HP

Preference given by the organizations to cloud environments
  Interview 1 (Accenture): Hybrid cloud is used because this cloud can be used by large organizations where internal and external resources are used.
  Interview 2 (CNH AB): Hybrid cloud is used as it provides both internal and external resources.
  Interview 3 (Sandvik AB): Depends upon the applications and services
  Interview 4 (ST Ericsson): As it is a mobile organization, only private cloud could be preferred

Are the cloud services provided by cloud providers preferable?
  Interview 1 (Accenture): Accenture is a cloud provider and provides IaaS, SaaS, DaaS (Database as a Service). The services provided by them are most preferable and have been used by hundreds of organizations to achieve good performance and functionality
  Interview 2 (CNH AB): CNH AB is a cloud provider and provides IaaS, SaaS, PaaS and hosting services. It is also most preferable and had 10,000 customers using these services.
  Interview 3 (Sandvik AB): Sandvik AB does not depend upon the services provided by cloud providers.
  Interview 4 (ST Ericsson): For ST Ericsson the services provided by cloud providers are most useful and flexible.

Drawbacks of CC architecture
  Interview 1 (Accenture): No drawbacks.
  Interview 2 (CNH AB): No drawbacks
  Interview 3 (Sandvik AB): Security and breakdown of cloud services
  Interview 4 (ST Ericsson): Due to the requirements of clients they are not able to shift to CC architecture, and the main reason is security.

5.3 Discussion

The main focus of this research was to investigate the different cloud environments (public, private, hybrid and community cloud) and cloud services through a survey and interviews with different CC organizations. From this investigation, we will suggest a cloud environment for SWAF based on requirements such as cost, security, performance, functionality and flexibility. In the following section, we discuss the results of the survey and interview study and summarize them in table 10. As SWAF is a large organization which is using CC, the survey and interviews have been conducted with small (25%), medium (25%) and large (50%) organizations using CC architecture. According to the overall percentage of the empirical study, we compared the results of medium and large organisations with SWAF. But SWAF accepted the results of all small, medium and large-scale organizations, because they considered the security, cost, functionality, performance and flexibility of different cloud environments with all the organizations.


5.3.1 Discussion of Qualitative and Quantitative data

We gathered qualitative and quantitative data from different organisations. For the quantitative data we conducted an online survey on CC with different organizations like Oracle, TCS, IBM and Microsoft, and also published it on social networking sites (LinkedIn). The qualitative data was gathered by conducting interviews with four different organizations, those that use CC (Accenture and City Network Hosting) and those that do not (ST Ericsson and Sandvik). We prepared a questionnaire for the survey (consisting of 18 questions), which was sent to 20 participants, 14 of whom responded. The interview (consisting of 9 questions) was conducted with the above-mentioned organizations.

5.3.2 Discussion of Survey and Interview

The survey and interview study were conducted with organizations to learn about their use and requirements of CC, cloud services and cloud environments (public, private and hybrid), based on different factors like cost, security, performance, flexibility and functionality. Based on the results of the survey and interviews, we can conclude that:

- CC architecture is used by the organizations because of cost, flexibility, performance, security and functionality, because it reduces infrastructure cost, and because different services are provided by cloud providers.
- Most of the organizations working on CC prefer private and public cloud equally. The private cloud environment (32%) is used because of security, functionality, performance and privacy reasons, but few of the organizations prefer the public cloud environment (32%) because of low cost, flexibility and scalability.
- If we consider the above statistics, many companies are using public and private cloud, but among them most of the organizations are also ready to move to the hybrid cloud environment (27%), which is a mix of both private (internal) cloud and public (external) cloud. 9% of the organizations prefer community cloud, in which they can share the infrastructure with organizations having the same requirements.

As a result of the survey, most of the participants prefer hybrid cloud for security and in this way

they can use internal and external resources. Factors mentioned in the survey (such as cost, security,

performance, flexibility and better functionality) of cloud environments depend upon the services

and applications needed by the organizations. Participants have given priority to factors depending

on their experience and opinion of cloud environments. However, the cost factor depends on the

selected cloud environment of the organization.

- Comparing the results of the survey, public cloud is used by 44.4% of organizations, and it is preferred by 32% of organizations because of performance, flexibility, functionality and lower cost. Public cloud is used by small-scale organizations because they can share the infrastructure and other services from a service provider for a limited number of users.
- Private cloud is used by 44.4% of organizations, but it is preferred by 32% of organizations because of security, performance, flexibility and functionality. Private cloud costs more because the infrastructure is maintained by the organization itself; therefore medium-scale organizations (if they want their data to be secured) and large-scale organizations can use private cloud, which is also more secure.
- Hybrid cloud is used by 11.1% of the organizations. If we consider the factors in hybrid cloud environments, large-scale organizations can use internal and external resources depending on their needs. Hybrid cloud is cost effective (depending upon computing), flexible and secure, and has good performance and better functionality. Because of these requirements hybrid cloud is preferred by 27% of organizations for their future use.

The interview participants specified some limitations of CC, such as security issues and breaks of the cloud. Some interviewees specified that some of the organizations that are using alternative architectures to CC may shift to CC architecture and select the cloud environment depending on their applications. If the organizations use a hybrid cloud environment, they can use the services of different cloud providers and maintain the security of their services and data behind the internal firewalls of the organization. Table 10 below summarizes and compares the results of the survey and of the interview study with all the requirements (cost, security, performance, flexibility and functionality) of different cloud environments.

Table 10: Comparison of the results of survey and interview study

Reasons for using the CC architecture
  Survey: Pay-per-use model, performance, reduces administration cost; reduce infrastructure, security, and flexibility.
  Interviews: Cost, scalability, flexibility, functionality, performance and security

Organizations using cloud environments
  Survey: 44.4% are using public cloud, 44.4% are using private cloud and 11.1% are using hybrid cloud
  Interviews: 50% are using hybrid cloud and other two organizations are not using CC architecture

Priority of cloud environments
  Private: Survey 32%; Interviews 25%
  Public: Survey 32%; Interviews 25%
  Hybrid: Survey 27%; Interviews 50%
  Community: Survey 9%; Interviews 0%

Factors of private cloud
  Survey: Security-42%, Flexibility-40%, performance-40%, cost-40%, better functionality-40%
  Interviews: Security, performance and functionality are preferred according to the interviewees

Factors of public cloud
  Survey: Security-32%, cost-33%, better functionality-30%, performance and flexibility-30%
  Interviews: Functionality and flexibility are most preferred.

Factors of hybrid cloud
  Survey: Security-26%, cost-27%, performance-30%, flexibility-30%, better functionality-30%
  Interviews: Security, performance, flexibility and better functionality are preferred.

Organizations preferring hybrid cloud
  Survey: 38% want to prefer hybrid cloud and 62% will not shift to hybrid cloud
  Interviews: 50% prefer hybrid cloud and 50% prefer private cloud.

Reasons for preferring hybrid cloud
  Survey: Use of internal and external resources, security.
  Interviews: Large organizations can use hybrid cloud to use internal and external resources.

Cloud services used and provided by the organizations
  Survey: SaaS-35.5%, IaaS-35.6% and PaaS-28.9%
  Interviews: SaaS, IaaS, DaaS and hosting services.

5.3.3 Suggesting the cloud environment

SWAF is a large-scale organization with several processes which it undertakes and dispatches itself. Currently it keeps both sensitive and non-sensitive information in the internal cloud, and because of this the maintenance and cost issues increase. In order to overcome this we can use hybrid cloud, where we can keep the sensitive information in private cloud and non-sensitive information in public cloud. Hybrid cloud has more functionality and better performance compared to other cloud environments, and through the integration of public and private cloud it is also more secure. The cost of computing for the whole environment is also affordable. According to the survey, hybrid cloud has been selected because of the flexibility of services, the use of internal and external resources, and security. The survey was conducted with small, medium and large organizations. Of these, small and medium-scale organizations are using public cloud and private cloud. Small-scale organizations have fewer users, so maintaining and managing the infrastructure and other services would be more expensive; instead they can outsource the services from different cloud providers according to their usage at less cost. Medium-scale organizations do not want to use any external resources or outsource services from cloud providers, and want to store and secure their data within the organization, so they prefer private cloud. But in the survey we found that small and medium-scale organizations prefer hybrid cloud for large-scale organizations, because these can use both internal and external resources, also provide some of the cloud services to different organizations, and can afford it at less cost.

We suggest the cloud environments by matching the results of interview and survey from the

requirements (security, flexibility, functionality, cost and performance) given by SWAF; this is

explained in table 11. The results of the empirical study have been recognized by SWAF.

Table 11: Comparing the requirements of SWAF with the empirical studies

Columns: Requirements given by SWAF; Suggestion of cloud environment (Survey, Interview study)

Security
  Survey: Security is one of the factors to be considered for SWAF; SWAF needs high security for their data and applications to be processed within the organization. So, hybrid cloud is more secure when compared to public and private clouds, because they can have the sensitive information within their organization. From the survey 26% of people prefer hybrid cloud because of the security.

Cost
  Survey: Cost is one of the factors to be considered for SWAF, because it is measured based on the use of services in hybrid cloud environments, which provides affordable cost to SWAF. And from the survey 27% of people prefer hybrid cloud based on the cost.

Functionality
  Survey: Functionality is one of the factors to be considered for SWAF; hybrid cloud provides greater functionality when compared to public and private cloud, where they can outsource functions like E-mail, Travel, Payroll, Conferencing and Social media, and in-source functions like ERP, Finance and Human Resource. From the survey 30% of people prefer hybrid cloud based on greater functionality.

Flexibility
  Survey: Flexibility is one of the factors to be considered for SWAF, where hybrid cloud is more flexible than other clouds because we can add/change/update the services according to the use of organizations. From the survey 30% of people prefer hybrid cloud based on the flexibility.

Performance
  Survey: In hybrid cloud, both internal and external resources are used, where the organizations have sensitive information in one system and non-sensitive information in another system. So it makes the system have high performance. From the survey 30% of people prefer hybrid cloud based on the performance.

Interview study
  According to the interview results, hybrid cloud is preferred based on the following requirements: high security, high performance, greater flexibility, better functionality.

Community cloud could be used by SWAF for sharing infrastructure like network, storage capacity and servers, for information sharing and message transfers, and for logistic purposes. Community cloud does not offer the same cost savings as a public cloud, because fewer users share the infrastructure cost, but it is less expensive than a private cloud and works much like a public cloud, except that it is restricted to members of the community. Community cloud is also mostly used only by large organizations like government, educational institutions and non-profit organizations. In this way SWAF can also share its infrastructure and use internal and external resources.

“As a result we suggest Hybrid and Community Cloud to SWAF”

By analyzing the empirical study and by considering the requirements, the cloud environments have been suggested. From our survey result (33.33%) we found that the large-scale organizations (100+ employees) like IBM, Oracle and Salesforce are using the hybrid cloud environment, and the rest, the small-scale and medium-scale organizations, are using other cloud environments. First of all, SWAF wants to use cloud computing (meeting the requirements) for its future use, so in the survey and interviews we mainly concentrated on the organizations that are shifting to a new environment. By comparing SWAF (a large-scale organization) with other large-scale companies (survey results), we analyzed and suggested the hybrid cloud environment.

As a result of our thesis we suggest the hybrid cloud environment for SWAF. In the literature study we described all the cloud environments, and in the following points we mention how the inputs from SWAF (high performance, high security, affordable cost, greater flexibility and more functionality) are used in our work (from the literature and empirical study).


- A hybrid cloud is composed of online storage (a reliable and secure place to store data), an online desktop (accessible anywhere we can connect to the Internet) and web-based applications (like Google Docs); in this way it is possible to free up resources and processing power.
- Hybrid cloud lets customers agree to a viable and cost-saving methodology that makes great use of public cloud services along with their private cloud services.
- The data is secured in a hybrid cloud architecture that consists of private clouds for sensitive, non-shared information and public clouds for information gathering and dissemination of public information.
- Outsourcing infrastructure enables IT departments to focus on strategic ideas that add value and create competitive advantage, rather than getting delayed in the daily details of managing servers. As a result, outsourcing the services provides greater performance.
- The hybrid cloud exploits flexibility in the organization, as it can be a composition and combination of at least one private cloud and at least one public cloud.
- The hybrid cloud environment provides more prominent functionality through archiving of information, backup functions and allowing local data to be replicated to a public cloud.

In public cloud, the services and data will be used by the general public and different users, so this data will be stored in a system which is external. In private cloud, the applications and data will be stored and accessed securely by the users of the organization, because the private cloud environment is created by the organization itself, with its different services, applications and data. Hybrid cloud is a mix of both private and public cloud environments, so it is more secure than public cloud and similar to the private cloud environment. The information which is sensitive to the organization (like finance, administration, details of staff and more) can therefore be stored securely in the private cloud environment, where the data will be used and accessed only by the users of the organization. In the public cloud environment, they can use external services (email, travel and social media).

The percentages (security 26%, cost 27%, performance 30%, flexibility 30%, better functionality 30%) given in table 9 are the factors for choosing hybrid cloud. We have not chosen based only on those values. In fact 62% of the participants do not use hybrid cloud; only 38% of the participants prefer hybrid cloud. Here the question may also arise why another environment has been chosen! There may be many organizations using private or public cloud, but if we raise the question of what their future scope will be, most of them prefer hybrid cloud for their future use because of the use of both internal and external resources. Also, for large-scale organizations, government organizations and defense organizations, hybrid cloud will be the suitable environment, as said by Anya Kim [2]. By comparing SWAF (a large-scale organization) with other large-scale companies (survey results), we analyzed and suggested the hybrid cloud environment.


CHAPTER 6

PROPOSED MODEL FROM THE ACHIEVED RESULTS

This chapter describes the requirements and the design of a cloud environment that can be suitable for SWAF. The model is designed for hybrid and community cloud environments, which are used for sharing infrastructure like network, storage, servers and more resources for SWAF, with security requirements which are explained in the further sections. Each block of this model is explained in the following sub-sections, and the designed cloud model is compared with the existing model at SWAF.

6.1 Inputs used for designing the new cloud model

The content of this section was framed after discussion with the SWAF external supervisor and after the literature study. We have designed a new cloud model in the hybrid and community cloud environment by considering the following security requirements.

Inputs from SWAF

There will be a lot of requirements depending on how sensitive or non-sensitive the information is. Swedish Armed Forces has separated networks for each (security) level. These levels are:

- Public information (Secret/Restricted, Secret/Confidential)
- Internal information (Secret)
- Privacy information (Secret/Top Secret)

The requirements concern things related to (for example) organization, method, administrative actions, user training and physical protection, but mostly different types of security features.

Inputs from Literature Study

- Building internal firewall, by ensuring the security inside the organization.
- Maintaining different servers for different applications (Mail server, Web server, Network server, SSL-VPN server, etc.)
- Secure web filtering
- VPN tunnels for connecting to a private local area network at remote location

Inputs from Empirical study

- Community and Hybrid cloud environments.
- High speed Internet

6.2 Model design

Cloud Computing is specially known in the aspect of fast internet collaboration condition [45]. Here we propose a model (see figure 14) in which each user of the cloud is connected to the system via an Asymmetric SSL Tunnel (AST) which passes through the Secure Socket Layer VPN (SSL VPN) server. In earlier cloud models, users connected for security purposes through an SSL-based Virtual Private Network (symmetric method) [47].

There is also a popular form of security model that places a cloud firewall inside the cloud model [80]; this provides information on how and where the firewall works and where it is to be installed in the system. In general there is a problem with symmetric SSL tunnels: the data are encrypted at one end and decrypted at the other end, or contrariwise for the reverse direction, and all the data flows of the VPN are relayed by the VPN server via SSL tunnels. Those symmetric SSL tunnels cause a lot of computational load to be concentrated in the VPN server and make it the bottleneck of the VPN [48]. In order to eliminate that bottleneck for larger-scale SSL VPNs, AST has been used. Each block of this model is explained below.

i) User

SWAF employees are the users of this system. They can work with this cloud network from any of their branches through an Asymmetric SSL Tunnel (AST) over the Internet, and this feature provides safe and secure access to the user.

ii) Internal Firewall

A single firewall at the Internet gateway is no longer sufficient. In some cases, if we want to build an internal firewall, it is better to have the firewall between two separate organizations that share a network, rather than between a single organization and the Internet. In this context the internal firewall differs from a personal firewall [50]. This internal firewall is maintained inside SWAF.

Figure 14: Proposed Cloud model

iii) SSL VPN server

Computer networks use a tunnelling protocol to provide a secure path through an untrusted network. Secure Sockets Layer (SSL) is placed in the transport layer of the Open Systems Interconnection (OSI) model; this cryptographic protocol provides communication security over the Internet. SSL VPN is a secure remote access solution based on the SSL/TLS [28] protocol. According to a prediction by Gartner [33], the SSL VPN market will grow more than 170% per year. Compared with other virtual private network technologies, SSL VPN has the following outstanding advantages: low cost, easy deployment, fine-grained access control, etc. But its performance and scalability are hampered by the computation overhead of the SSL protocol. The VPN server is the key equipment for constructing an asymmetric SSL VPN.

iv) Personal firewall

A personal firewall is defined as a software service running in an operating system that provides simple firewall capability for a personal computer. Most personal firewalls support static packet filters.

All users should install a personal firewall on their systems, not only to help prevent others at nearby hotspots from accessing their devices, but also as part of a broad-based defence against hackers residing on other parts of the Internet.

v) Private Cloud

A private cloud is one in which the services and infrastructure are maintained on a private network. It offers a greater level of security and control, but it requires the organization to purchase all software, platform and infrastructure, which reduces the cost savings. We can use private clouds so that security and control are maintained by the same organization instead of being outsourced to other providers.

vi) Public Cloud

A public cloud is one in which the services and infrastructure are provided off-site over the Internet. We can use a public cloud to add computer capacity for peak times, for collaboration projects, for ad-hoc software development projects using PaaS, and for workloads of applications that are used by lots of people, such as e-mail.

vii) Hybrid Cloud

A hybrid cloud includes a variety of public and private options with multiple providers. We have to keep track of multiple different security platforms and ensure that all aspects of our business can communicate with each other. A hybrid cloud suits an organization that wants to use a SaaS application but is concerned about security, or a company that offers services tailored for different vertical markets. You can use a public cloud to interact with the clients but keep their data secured within a private cloud.

viii) Community cloud

A community cloud can be implemented where several organizations have similar requirements and can share the infrastructure. What is shared can be general information of the organization, messaging and other applications. In this model, the community cloud is used for sharing information with users of SWAF, accessing applications, sharing infrastructure, mail and web servers, and for logistics purposes. Here the computing cost of the community cloud is more than that of the public cloud, but it offers a higher level of privacy and security.

ix) Storage

In this architecture we keep two different databases. One DB stores the sensitive information from the private cloud and the other DB holds the non-sensitive information from the public cloud. The hybrid storage cloud uses a combination of public and private storage clouds; such clouds are often used for archiving, for backup functions and for allowing local data to be replicated to a public cloud.

x) Asymmetric SSL Tunnel (AST)

A Secure Socket Layer based virtual private network (SSL VPN) provides a safe and easy approach for remote access. SSL provides CIA (Confidentiality, Integrity, Availability) and can be used with any protocol that uses TCP as the transport layer. Symmetric SSL tunnels concentrate a lot of computational load in the VPN server and make it the bottleneck of the VPN [47].

To eliminate that bottleneck for larger-scale SSL VPNs, Asymmetric SSL Tunnels (AST) are used, in which the computational load is distributed to detached internal application servers. The AST solution improves the overall VPN throughput radically and does not need any modification of internal server programs. In this model we have used two firewalls: one is maintained inside and the other is maintained outside the organization.

The first firewall (personal firewall) is installed on all the user systems. This firewall is there not only to help prevent others at nearby hotspots from accessing the users' devices, but also as part of a broad-based defence against hackers residing on other parts of the Internet. The internal firewall differs from the personal firewall [50]. This internal firewall is maintained inside SWAF.

Personal firewalls support static packet filters. A static packet filter provides network packet filtering based only on the packet information in the current packet and on administrator rules. Static packet filtering filters packets based on [79]:

- Administrator-defined rules governing allowed ports and IP addresses at the network and transport layers of the OSI network model.
- Packet contents, including the network and transport layer contents.
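The static packet filtering described above, as an added example (not code from the thesis or from SWAF): each packet is judged only on its own network- and transport-layer fields against administrator rules, the first matching rule decides, and anything unmatched is denied. The addresses, ports and rule set are constructed for illustration; the last sample shows that a static filter gives a packet with no preceding outbound connection the same verdict as a genuine reply, which is the gap a stateful firewall closes.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

ANY_PORT = (0, 65535)


@dataclass(frozen=True)
class Packet:
    """Header fields of one packet; the filter sees nothing else."""
    protocol: str                      # "tcp", "udp" or "icmp"
    src_ip: str
    dst_ip: str
    src_port: Optional[int] = None     # None for protocols without ports
    dst_port: Optional[int] = None


@dataclass(frozen=True)
class Rule:
    """One administrator-defined rule at the network/transport layer."""
    action: str                        # "allow" or "deny"
    protocol: str                      # "tcp", "udp", "icmp" or "any"
    src_net: str                       # CIDR block
    dst_net: str                       # CIDR block
    src_ports: Tuple[int, int] = ANY_PORT
    dst_ports: Tuple[int, int] = ANY_PORT

    def matches(self, pkt: Packet) -> bool:
        if self.protocol not in ("any", pkt.protocol):
            return False
        if ipaddress.ip_address(pkt.src_ip) not in ipaddress.ip_network(self.src_net):
            return False
        if ipaddress.ip_address(pkt.dst_ip) not in ipaddress.ip_network(self.dst_net):
            return False
        return (_port_in(pkt.src_port, self.src_ports)
                and _port_in(pkt.dst_port, self.dst_ports))


def _port_in(port: Optional[int], allowed: Tuple[int, int]) -> bool:
    if port is None:                   # port-less protocol: only "any port" rules match
        return allowed == ANY_PORT
    return allowed[0] <= port <= allowed[1]


def filter_packet(rules: List[Rule], pkt: Packet) -> str:
    """First matching rule decides; anything unmatched is denied."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


# Constructed scenario: a laptop (10.0.0.5) on a hotspot network 10.0.0.0/24
# talking to an SSL VPN server at 203.0.113.10 (documentation address range).
LAPTOP = "10.0.0.5/32"
VPN_SERVER = "203.0.113.10/32"
RULES = [
    # Keep other hotspot clients off the laptop.
    Rule("deny", "any", "10.0.0.0/24", LAPTOP),
    # Outbound SSL to the VPN server.
    Rule("allow", "tcp", LAPTOP, VPN_SERVER, dst_ports=(443, 443)),
    # Replies: with no connection table, this rule has to admit every packet
    # from server port 443 to a high port on the laptop.
    Rule("allow", "tcp", VPN_SERVER, LAPTOP,
         src_ports=(443, 443), dst_ports=(1024, 65535)),
]

# Constructed sample packets.
SAMPLES = {
    "outbound to VPN": Packet("tcp", "10.0.0.5", "203.0.113.10", 50000, 443),
    "reply from VPN": Packet("tcp", "203.0.113.10", "10.0.0.5", 443, 50000),
    "hotspot neighbour": Packet("tcp", "10.0.0.77", "10.0.0.5", 40000, 445),
    "neighbour ping": Packet("icmp", "10.0.0.77", "10.0.0.5"),
    "unrelated host": Packet("udp", "198.51.100.9", "10.0.0.5", 5353, 5353),
    # Same header values as a reply, but no outbound connection preceded it.
    "no prior connection": Packet("tcp", "203.0.113.10", "10.0.0.5", 443, 50001),
}


def evaluate_samples() -> Dict[str, str]:
    """Return the verdict for every constructed sample packet."""
    return {name: filter_packet(RULES, pkt) for name, pkt in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in evaluate_samples().items():
        print(f"{name:20s} {verdict}")
```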

With these two firewalls we can run the model effectively. We do not depend only on firewalls: for communication we make use of the SSL VPN server. SSL provides CIA (Confidentiality, Integrity, Availability) and can be used with any protocol that uses TCP as the transport layer. This cryptographic protocol provides communication security over the Internet.

6.3 Analysis of designed model

In the existing system, SWAF uses a private cloud which they created for their own internal use. A private cloud is typically hosted on the company's own servers, within their own network infrastructure. After gathering the information from SWAF we started our literature, survey and interview study regarding the improvement of the existing system and how we could overcome the problem of SWAF (see section 1.1). Most of the experts gave similar answers about the problem in using a private cloud: since the private cloud is hosted on site, the organization needs to provide adequate power, cooling, and general maintenance, and it needs to invest a lot in purchasing its own hardware. Private clouds also require system administrators. With these prerequisites we have designed a new model that can be used by SWAF with the combination of public and private cloud. This means that we suggest the hybrid cloud environment together with a community cloud, where they can also share their infrastructure with the other branches of SWAF located in various parts of the world. This makes the model more comfortable and easy to use for SWAF.

For connecting to the cloud we have designed the model with AST connectivity. This Asymmetric SSL Tunnel:

- Avoids the bottleneck problem and provides a safe and easy approach for remote access.
- Provides a secure path through an untrusted network.

If the client wants to communicate with multiple servers, it is necessary to launch a VPN tunnel to each server. If a user wants to browse Web sites, he/she must frequently turn off the VPN because most Web servers do not support VPN. This problem can be solved by letting all traffic from a laptop client go through a company's VPN server.

After connecting to the cloud, a user gets permission to share SWAF infrastructure (mail servers, web servers, E-record service, supply chain management, etc.) via the community cloud. The survey tells that 27% of the users would like to shift towards hybrid cloud, which is a combination of public and private cloud. The main reason for shifting to hybrid cloud is security and the ability to use software and saved files with different servers. All the sensitive information of the private cloud is stored in one database and the non-sensitive information of the public cloud is stored in a separate database. Therefore, by using our model SWAF can improve their services.

6.4 Suggestion given by SWAF

The model has been designed in the suggested cloud environments with the requirements given by SWAF and some from the literature study (section 6.1). After designing the cloud model, we had a meeting with the external advisor at SWAF, during which we explained and presented the new cloud model. SWAF analyzed it and gave some suggestions to make it more secure by using the security requirements listed below. The advisors of SWAF also gave their opinion and suggestions for improving the designed model with respect to their existing model and technology advancement. The following security requirements will be added to our proposed model, or modified where a requirement has a better version.

1. Enterprise-class stateful firewall

2. IPSec VPN

3. SSL-based OpenVPN

4. Network intrusion prevention system

5. Secure web filtering

6. Dynamic routing and more to enable per customer or per server security and connectivity.

The model we designed (section 6.2) will change slightly once the suggestions given by SWAF are incorporated. The security requirements suggested by SWAF are briefly explained in the following section, but the investigation of these requirements will be done as future work.

Enterprise-class stateful firewall

An enterprise-class stateful firewall is a security feature that supports authentication proxy / 802.1x for wireless networks and split tunnelling. This firewall will be added to our designed model by placing it inside SWAF for the purpose of network authentication.

IPSec VPN

IPSec is located in the network layer of the OSI model. This network protocol supports encryption and authentication. IPSec is frequently used in so-called "tunnel mode" with a Virtual Private Network (VPN). However, IPSec also supports a "transport mode" for direct connection between two computers. This IPSec VPN will not affect the designed model, because it is part of the SSL VPN server module that is to be added to the model. So no modifications will be needed after implementing this suggestion.

SSL-based OpenVPN

SSL-based OpenVPN is explained in section 3.2. It will not change the model, because we have already implemented the Asymmetric SSL Tunnel (AST) in our design, which provides greater security and higher functionality compared to SSL-based OpenVPN.

Network intrusion prevention system

An Intrusion Prevention System (IPS) is a network security control that monitors the system and network for malicious activity. It is also called an Intrusion Detection and Prevention System (IDPS). It works like a device or software application that monitors all network and system activities; it will not affect our model much. This device is kept on the client side (at SWAF).

Secure web filtering

Secure web filtering is very important for every organization, including SWAF, which should consider the following steps in order to be safe from attackers. First, the IT manager needs to guard against the security risks and bandwidth drains of unrestricted access to peer-to-peer (P2P) sites, illegal file downloads, or visits to sites where PCs and networks can be exposed to viruses and malicious software. There is a product called SmartFilter, which meets all the requirements of the organization and is also simple to manage, highly inexpensive and easy to use. This web filter will be placed after the internal firewall in our designed model. It is used to block malicious web sites, file types and MIME (Multipurpose Internet Mail Extensions) types, to block pages from IP and to allow only hosts.

Dynamic routing

In dynamic routing, the location of the remote resource is decided at run time. It also determines the next-best paths if the best path to a destination becomes unusable. It uses dynamic protocols to find the optimal path and to update the routing table between the source and the destination computers. The best possible path for transferring information between two computers in a network is determined by the data entered in the routing table. Not many changes will occur in our designed model, because the routing table is stored in the form of a database or simply as a file stored in the router. The information stored in the database/router is changed dynamically by the router itself.

These suggestions were given by SWAF because, as technologies are changing day by day, we need more security for data, and in future SWAF may need more security requirements in the model. Implementing the suggested security requirements does not change the model in figure 14 a lot, but one or two security requirements will be added accordingly. For instance, the enterprise-class stateful firewall and the web filter will be newly added to the model. Before fixing them in the current model we again have to make a literature study: whether including them will affect the other components or not, what the cost requirement is, what the pros and cons are, and whether use of the web filter introduces any fault in the system. So, as our future work, this research will be done for the suggested security requirements.

CHAPTER 7

CONCLUSION AND FUTURE WORK

7.1 Summary

In this thesis, we have done a detailed study of different definitions of cloud computing, cloud environments and cloud services. The main goal of our thesis is to suggest to SWAF a suitable cloud environment from among public, private, hybrid and community clouds. For suggesting a cloud environment to SWAF, two empirical studies (a survey and an interview study) have been conducted with different organizations using and not using CC (in order to know the drawbacks of CC). From an analysis of the results of the empirical studies, most of the organizations prefer private and hybrid cloud. This is because private clouds are secure and maintained by medium and large organizations, while hybrid clouds are used by large organizations which can use both internal and external resources in a secured way.

As SWAF is a large organization and has both internal and external resources, both Hybrid and Community cloud environments are suggested, and they can also implement them for their future use. From a general perspective, most of the organizations are using both public and private cloud, but organizations would prefer hybrid clouds because they are flexible enough to use both internal and external resources. Therefore, we suggest that a hybrid cloud environment could be suitable and flexible for SWAF. SWAF has similar requirements at all its branches; therefore we also suggest a Community cloud, because it allows sharing of the infrastructure.

From an analysis of the results of the survey and interview study, the hybrid cloud environment is preferable for large organizations. If we consider the factors in a hybrid cloud environment:

- Cost – Hybrid cloud is cost effective and depends upon the computing and the use of internal/external resources.
- Security – Though the services are provided by different cloud providers, security can be maintained inside the organization by taking a Service Level Agreement (SLA) from the cloud provider.
- Performance and Functionality – These depend upon the applications and services used by the organization.
- Flexibility – Outsourcing the infrastructure enables IT departments to focus on strategic ideas that add value and create competitive advantage, rather than getting delayed in the daily information of managing servers. As a result, this provides greater flexibility while outsourcing the services.

We have proposed a model to SWAF for improving and making better changes to their existing system. This model is designed on the basis of a literature study, interviews and a survey with IT companies that are using cloud computing and that are not using cloud computing. The model has been designed in the suggested Hybrid and Community cloud environment, which can overcome the issues of the SWAF internal cloud.

7.2 Answering the research questions

In chapter 1 we formulated the research questions; in this section we provide the results for those research questions by answering them separately according to the achieved results.

RQ 1: Which environment (public cloud, private cloud and hybrid cloud) could be suitable to SWAF

with respect to performance, security, cost, flexibility and functionality?

After completing the literature study, we have conducted a survey and an interview study.

The literature study tells how the hybrid cloud lets the organization keep both sensitive and non-sensitive data safe.

The information shared can be general information of the organization, messaging and other applications. The cost of community cloud is affordable because the infrastructure is shared with all the users of the organization. Here the computing cost of community cloud is more than the public cloud, but it offers a higher level of privacy and security.

Based on the survey results, 32% of the organizations prefer Public clouds, 32% of the organizations prefer Private cloud, 27% of the organizations prefer Hybrid cloud and 9% of the organizations prefer Community cloud.

From the interview study we found that:

- Public cloud could be useful for small organizations, which can outsource the infrastructure so that it is cost effective and maintained by the service provider. This also provides greater functionality and flexibility.
- Private cloud could be useful for large organizations, where the infrastructure can be used by more users and can be maintained and managed by the organization itself. This also provides greater security, reduction in cost and good performance.
- Some of the organizations are willing to shift to a hybrid cloud environment in future, depending upon the size of the applications they use. The companies specified that a hybrid cloud environment can be used by organizations using external resources and by large-scale organizations.

RQ 2: How the services Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) could be used by SWAF?

The second research question, RQ2, is focused on the cloud services IaaS, SaaS and PaaS. In this research, a detailed study has been done of cloud services, different cloud service providers and their features. As a conclusion, there is a possibility for SWAF to outsource one or more services to cloud providers like Microsoft Azure, Amazon Web Services and to other providers specified during this research.

The hybrid cloud environment in an organization provides more benefits from using IaaS, SaaS and PaaS. If the services are outsourced to different cloud providers, SWAF can have an agreement for maintaining the security of data, servers and applications from inside SWAF. SWAF can get the services from the service providers as mentioned in Figure 2. Since SWAF has similar requirements at all their offices, we suggest using the Community cloud, which plays the vital role of sharing the infrastructure.

SWAF is currently using only a private cloud. In this thesis we have proposed a hybrid and community cloud environment which provides High Security, High Performance, Greater Flexibility and Better Functionality. This combination of hybrid and community cloud environment can be applied to other IT organizations which are similar to SWAF, by modifying the services according to their requirements and by generalizing our cloud model.

7.3 Future work

Our goal is to improve the new proposed design in future. During this thesis work we found the suitable cloud environment and services for SWAF. The next step is to investigate the different security requirements, to provide the framework details of the designed model, and to physically implement and test the model at SWAF. After a successful outcome, we can test and apply the model for other large-scale IT organizations by modifying the services to their inputs. The model proposed in chapter 5 will be generalized after implementing the proposed cloud model at SWAF, so that we can consider specific modules from more general modules.

REFERENCES

1. Ramgovind.S, Eloff.M, and Smith.E, “The management of security in Cloud computing,” in

Information Security for South Africa (ISSA), 2010, pp. 1-7, 2010.

2. Anya kim, John McDermott, and Myong Kang, “Security and Architectural Issues for

National Security Cloud Computing”, IEEE 30th International Conference on Distributed

Computing Systems, 2010

3. Hassan Takabi, James B. D. Joshi, Gail-Joon Ahn, “SecureCloud: Towards a Comprehensive Security Framework for Cloud Computing Environments”, in Information Science at Pittsburgh, USA, 2010.

4. Zhibin Chen, Jianfeng Yang, “Cloud Computing Research and Security Issues”, in Computer Science and Technology, China

5. Chunye Gong, Jie Liu, Qiang Zhang, Haitao Chen and Zhenghu Gong, “The Characteristics of Cloud Computing”, Department of Computer Sciences, China, 2010.

6. Malcolm.D, “The five defining characteristics of cloud computing”,

http://news.zdnet.com/2100-9595_22-287001.html.

7. “The Functionality of Cloud Computing | Cloud Computing World.” [Online]. Available:

http://www.cloudcomputingworld.org/cloud-computing-for-businesses/the-functionality-of-

cloud-computing.html. [Accessed: 06-Jul-2011].

8. “Amazon Elastic Compute Cloud (Amazon EC2).” [Online]. Available:

http://aws.amazon.com/ec2/. [Accessed: 02-Jun-2011].

9. “GoodRelations & RDFa for Deep Comparison Shopping on a Web Scale.” [Online].

Available: http://www.slideshare.net/mhepp/goodrelations-rdfa-for-deep-comparison-

shopping-on-a-web-scale. [Accessed: 17-Apr-2011].

10. “IBM Cloud Computing - United States.” [Online]. Available: http://www.ibm.com/cloud-

computing/us/en/. [Accessed: 02-Jun-2011].

11. “Windows Azure | Microsoft PaaS | Cloud Services | Application Hosting.” [Online].

Available: http://www.microsoft.com/windowsazure/. [Accessed: 02-Jun-2011].

12. “Deploying SOA and Cloud Computing with a Tactical Approach | GovIT News.” [Online].

Available: http://govitnews.sys-con.com/node/1134716. [Accessed: 02-Jun-2011].

13. Mell.P and Grance.T, “Draft NIST Working Definition of Cloud Computing.” [Online]. Available: http://info.apps.gov/sites/default/files/NIST_Cloud_Definition.doc [Accessed: 02-Jun-2011]

14. “Facts and figures - Försvarsmakten.” [Online]. Available:

http://www.forsvarsmakten.se/sv/About-the-Armed-Forces/The-Swedish-Armed-Forces-in-

figures/. [Accessed: 19-Feb-2011].

15. Syam Kumar.P, Subramanian. R, and Thamizh Selvam.D, “Ensuring data storage security in

cloud computing using Sobol Sequence,” in Parallel Distributed and Grid Computing

(PDGC), 2010 1st International Conference on, pp. 217-222, 2010.

16. Ruan Gaofeng and Cai Jing, “Online course development based on a public cloud computing

infrastructure,” Networking and Digital Society (ICNDS), 2010 2nd International Conference

on, 2010, pp. 47-50.

17. Kaufman.L, “Can Public-Cloud Security Meet Its Unique Challenges?,” Security & Privacy,

IEEE, vol. 8, 2010, pp. 55-57.

18. Foster.K, Shea.J, Michael.J, Otani.T, Peitso.T, and Man-Tak Shing, “Cloud Computing for

Large-Scale Weapon Systems,” Granular Computing (GrC), 2010 IEEE International

Conference on, 2010, pp. 161-166.

19. Li.A, Yang.X, Kandula.S, and Zhang.M, “CloudCmp: comparing public cloud providers,”

Proceedings of the 10th annual conference on Internet measurement, New York, NY, USA:

ACM, 2010, pp. 1–14.

20. Bao Rong Chang, Hsiu Fen Tsai, Chien-Feng Huang, and Hsi-Chung Huang, “Private Small-

Cloud Computing in Connection with Linux Thin Client,” Pervasive Computing Signal

Processing and Applications (PCSPA), 2010 First International Conference on, 2010, pp. 82-

87.

21. Jingyu Ding, Jiajin Le, Rui Xie, and Yaohui Jin, “Data center consolidation with virtualized

private network: A step towards enterprise cloud,” Computer Application and System

Modeling (ICCASM), 2010 International Conference on, 2010, pp. V4-563-V4-567.

22. Sang-Ho Na, Jun-Young Park, and Eui-Nam Huh, “Personal Cloud Computing Security

Framework,” Services Computing Conference (APSCC), 2010 IEEE Asia-Pacific, 2010, pp.

671-675.

23. Radu Prodan, Simon Ostermann, “A Survey and Taxonomy of Infrastructure as a Service and Web Hosting Cloud Providers”, in Institute of Computer Science, University of Innsbruck, Austria. 10th IEEE/ACM International Conference, 2009.

24. Wenhong Tian, Sheng Su, Guoming Lu, “A framework for Implementing and managing platform as a service in a virtual cloud computing lab”, School of Computer Science and Software Engineering, Chengdu, China.

25. Minqi Zhou, Rong Zhang, Dadan Zeng, Weining Qian, “Services in the Cloud Computing Era: A Survey”, Software Engineering Institute, East China Normal University, Shanghai, China. National Institute of Information and Communications Technology, Kyoto, Japan.

26. Jae Yoo Lee, Jung Woo Lee, Du Wan Cheun, Soo Dong Kim, “A Quality Model for Evaluating Software-as-a-Service in Cloud Computing”, Department of Computer Science, Soongsil University, Korea. 7th ACIS International Conference on Software Engineering Research, 2009.

27. Michael Armbrust, Armando Fox, Rean Griffith, Anthony D. Joseph, Randy Katz, Andy Konwinski, Gunho Lee, David Patterson, Ariel Rabkin, Ion Stoica, Matei Zaharia, “A View of Cloud Computing”, Communications of the ACM, vol. 53, no. 4, April 2010.

28. Dierks.T and Allen.C, “RFC2246: The TLS Version 1.0”, [Online]. Available:

http://www.ietf.org/rfc/rfc2246.txt . [Accessed: 02-Jun-2011].

29. “Elastic Load Balancing.” [Online]. Available: http://aws.amazon.com/elasticloadbalancing/.

[Accessed: 02-Jun-2011].

30. “Amazon Simple Storage Service (Amazon S3).” [Online]. Available:

http://aws.amazon.com/s3/. [Accessed: 02-Jun-2011].

31. “Cloud Hosting, Cloud Servers, Hybrid Hosting, Cloud Infrastructure from GoGrid.”

[Online]. Available: http://www.gogrid.com/. [Accessed: 02-Jun-2011].

32. “Google App Engine - Google Code.” [Online]. Available:

http://code.google.com/appengine/. [Accessed: 02-Jun-2011].

33. “Technology Research & Business Leader Insight | Gartner Inc.” [Online]. Available:

http://www.gartner.com/technology/home.jsp. [Accessed: 03-Jun-2011].

34. “Cloud Computing Interoperability Forum (CCIF): Home.” [Online]. Available:

http://www.cloudforum.org/. [Accessed: 02-Jun-2011].

35. “CRM - ledaren inom SaaS (Leader In Software-as-a-Service) - salesforce.com SE.”

[Online]. Available: http://www.salesforce.com/se/?ir=1. [Accessed: 02-Jun-2011].

36. Bhaskar Prasad Rimal, Eunmi Choi, Ian Lumb, “A Taxonomy and Survey of Cloud Computing”, School of Business IT, Kookmin University, Korea. Computing and Network Services, York University, Canada.

37. Judith Hurwitz, Robin Bloor, Marcia Kaufman, Fern Halper, “Cloud Computing for Dummies.”

38. “CloudClip.Net - Light Through the Clouds of Computing.” [Online]. Available:

http://cloudclip.net/. [Accessed: 23-Apr-2011].

39. “How Does the Cloud Work? « wrLapinsky's Blog.” [Online]. Available: http://wrlapinsky.wordpress.com/2010/09/26/how-does-the-cloud-work/. [Accessed: 23-Apr-2011].

40. “About the Armed Forces - Försvarsmakten.” [Online]. Available:

http://www.forsvarsmakten.se/en/About-the-Armed-Forces/. [Accessed: 02-May-2011].

41. “Facts and figures - Försvarsmakten.” [Online]. Available:

http://www.forsvarsmakten.se/en/About-the-Armed-Forces/The-Swedish-Armed-Forces-in-

figures/. [Accessed: 02-Jun-2011].

42. Garfinkel.T, Pfaff.B, Chow.J, Rosenblum.M, and Boneh.D, “Terra: a virtual machine-based platform for trusted computing,” in Proceedings of the 19th ACM Symposium on Operating Systems Principles 2003, SOSP 2003, Bolton Landing, NY, USA. ACM, October 2003, pp. 193–206.

43. G. Briscoe and A. Marinos, “Digital ecosystems in the clouds: towards community cloud computing,” 02-Oct-2009. [Online]. Available: http://eprints.lse.ac.uk/26664/. [Accessed: 02-Jun-2011].

44. “Eventually Consistent - ACM Queue.” [Online]. Available:

http://queue.acm.org/detail.cfm?id=1466448. [Accessed: 02-Jun-2011].

45. Wenhao.L, “A community cloud oriented workflow system framework and its scheduling

strategy,” in 2010 IEEE 2nd Symposium on Web Society, Beijing, China, 2010.

46. Baiardi.F and Sgandurra.D, “Securing a Community Cloud,” in Proceedings of the 2010

IEEE 30th International Conference on Distributed Computing Systems Workshops,

Washington, DC, USA, 2010, p. 32–41.

47. Zhou.J, Xia.H, Wang.X, and Yu.J, “A New VPN Solution Based on Asymmetrical SSL

Tunnels,” in Frontier of Computer Science and Technology, Japan-China Joint Workshop on,

Los Alamitos, CA, USA, 2006, vol. 0, pp. 71-78.

48. Huan Liang, O. Kabranov, D. Makrakis, and L. Orozco-Barbosa, “Minimal cost design of

virtual private networks,” in Electrical and Computer Engineering, 2002. IEEE CCECE

2002. Canadian Conference on, 2002, vol. 3, pp. 1610-1615 vol.3.

49. Hole. K. J, Dyrnes.E, and Thorsheim.P, “Securing Wi-Fi networks,” Computer, vol. 38, no.

7, pp. 28-34, 2005.

50. Brent Chapman.D & Elizabeth D. Zwicky, “Building Internet Firewalls,” 04-Feb-1999.

[Online]. Available: http://sjoel.home.xs4all.nl/the-networking-cd-

bookshelf/firewall/ch04_05.htm. [Accessed: 02-Jun-2011].

51. “Gartner Says Cloud Computing Will Be As Influential As E-business.” [Online]. Available: http://www.gartner.com/it/page.jsp?id=707508. [Accessed: 11-Jun-2011].

52. “Pensacola Junior College : MAC 1106 : CLOUD Computing.” [Online]. Available: http://www.coursehero.com/file/6228948/CLOUD-Computing/?v0=1. [Accessed: 11-Jun-2011].

53. Rajkumar Buyya, Market-Oriented Cloud Computing: Vision, Hype, and Reality for Delivering IT Services as Computing Utilities. Department of Computer Science and Software Engineering, University of Melbourne, Australia.

54. “Julio_Guijarro.pdf.” [Online]. Available: http://ants.inf.um.es/ict2010/pdf/Julio_Guijarro.pdf/. [Accessed: 02-May-2011].

55. Iosup. A, Ostermann. S, Yigitbasi. M. N, Prodan. R, Fahringer. T, and Epema. D. H. J, “Performance Analysis of Cloud Computing Services for Many-Tasks Scientific Computing,” Parallel and Distributed Systems, IEEE Transactions on, vol. 22, no. 6, pp. 931-945, 2011.

56. “WhatCloudComputingMeanstoYou.pdf.” [Online]. Available: http://www.vmware.com/appliances/directory/uploaded_files/WhatCloudComputingMeanstoYou.pdf. [Accessed: 02-May-2011].

57. Lomet. D, Fekete. A, Weikum. G, and Zwilling. M, “Unbundling Transaction Services in the Cloud,” 0909.1768, Sep. 2009.

58. Mell, P. & Grance, T., 2009. The NIST Definition of Cloud Computing. National Institute of Standards and Technology, 53(6), p.50. Available at: http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc.

59. “Microsoft Improves Performance Through Private Cloud Computing | CloudTweaks.com - Cloud Computing Community.” [Online]. Available: http://www.cloudtweaks.com/2011/03/microsoft-improves-performance-through-private-cloud-computing/. [Accessed: 19-Jun-2011].

60. “Developers Callout | Eucalyptus Community.” [Online]. Available: http://open.eucalyptus.com/. [Accessed: 19-Jun-2011].

61. “Amazon extends private cloud functionality - News - supplychainstandard.com.” [Online]. Available: http://www.supplychainstandard.com/Articles/3441/Amazon+extends+private+cloud+functionality.html. [Accessed: 19-Jun-2011].

62. Zhang. H, Jiang. G, Yoshihira. K, Chen. H, and Saxena. A, “Intelligent Workload Factoring for a Hybrid Cloud Computing Model,” in Proceedings of the 2009 Congress on Services - I, 2009, pp. 701–708.

63. “Spotlight on Cloud Computing Series-Community Clouds.” [Online]. Available: http://net.educause.edu/ir/library/pdf/LIVE1017b.pdf. [Accessed: 02-May-2011].

64. J.W. Creswell, Research Design: Qualitative, Quantitative, and Mixed Methods Approaches, Sage Publications, 2008.

65. “Measurement: Reliability and Validity measures.” [Online]. Available: http://ocw.jhsph.edu/courses/hsre/PDFs/HSRE_lect7_weiner.pdf. [Accessed: 02-May-2011].

66. Shank, G. (2002). Qualitative Research. A Personal Skills Approach. New Jersey: Merrill Prentice Hall.

67. “Survey Methods.” [Online]. Available: http://www.ischool.utexas.edu/~palmquis/courses/survey.html. [Accessed: 06-Jul-2011].

68. “What is Cost Accounting?” [Online]. Available: http://www.wisegeek.com/what-is-cost-accounting.htm. [Accessed: 06-Jul-2011].

69. “Security in Cloud computing.” [Online]. Available: http://en.wikipedia.org/wiki/Cloud_computing_security. [Accessed: 04-July-2011].

70. “Cloud Computing.” [Online]. Available: http://www.compuware.com/application-performance-management/cloud-computing-solutions.html. [Accessed: 06-Jul-2011].

71. “Simple Object Access Protocol (SOAP) 1.1.” [Online]. Available: http://www.w3.org/TR/2000/NOTE-SOAP-20000508/. [Accessed: 06-Jul-2011].

72. “Fielding Dissertation: CHAPTER 5: Representational State Transfer (REST).” [Online]. Available: http://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm. [Accessed: 06-Jul-2011].

73. “PHP: Hypertext Preprocessor.” [Online]. Available: http://www.php.net/. [Accessed: 06-Jul-2011].

74. “Ruby Programming Language.” [Online]. Available: http://www.ruby-lang.org/en/. [Accessed: 06-Jul-2011].

75. David S. Linthicum, “Cloud computing and SOA Convergence in your Enterprise”, A step-by-step guide.

76. Smith, Roger, “Computing in the Cloud”, Industrial Research Institute, Research Technology Management, Sep – Oct 2009.

77. Vidyanand Choudhary, “Comparison of Software Quality under Perpetual Licensing and Software as a Service,” Journal of Management Information Systems, 2007. Volume 24, pages 141-165.

78. “Conceptual, Logical, and Physical Data Models.” [Online]. Available: http://www.1keydata.com/datawarehousing/data-modeling-levels.html. [Accessed: 06-Jul-2011].

79. “Enterprise cloud computing gathers steam | ZDNet.” [Online]. Available: http://www.zdnet.com/blog/hinchcliffe/enterprise-cloud-computing-gathers-steam/191. [Accessed: 06-Jul-2011].

80. Weili Huang and Jian Yang, “New Network Security Based on Cloud Computing,” Education Technology and Computer Science (ETCS), 2010 Second International Workshop on, vol. 3, pp. 604-609, 6-7 March 2010.

81. Kai Petersen and Claes Wohlin. 2009. Context in industrial software engineering research. In Proceedings of the 2009 3rd International Symposium on Empirical Software Engineering and Measurement (ESEM '09).

Appendix 1

Questionnaires used for survey

1. How many employees are working on cloud computing in your organization?

1 to 10 Employees

10 to 50 Employees

50 to 100 Employees

100 to 200 Employees

200+ Employees

2. Do you have your own definition of cloud computing?

Yes (Please define it)

No

If yes, you can define it.

3. Is cloud computing architecture useful for your organization?

Yes

No

If no, please specify the other architecture that is mostly used at your organization.

4. Is your organization using cloud computing from the launch period?

Yes

No

If no, please specify from which architecture you have shifted [Ex: Client-server, P2P, Grid Computing, etc.]

5. Select the major reasons for shifting to cloud computing architecture from the options given below.

Reduce Hardware infrastructure costs

Flexibility

Reduce IT administration cost

Access to data for pay-per-use method

Performance

Privacy

Availability of services/Data

Integrity of services/Data

Confidentiality of services/Data

Data center and storage capacity

Others (Please specify)

6. Cloud Environment: Which cloud environment (public, private or hybrid) are you using for your

organization?

Public

Private

Hybrid

Other

If you are using another cloud what is the name of the cloud?

7. Can you explain why you are using the above selected cloud environment?

8. Can you rank the following cloud environments, according to the priority of your selection?

[Note: Do not give the same rank to multiple clouds]

1 2 3 4

Public Cloud

Private Cloud

Hybrid Cloud

Other Cloud

Other Cloud (Please Specify)

9. Cloud Computing Cost: What is the approximate cost of the cloud environment that you are currently using at your organization? If possible, you can also specify the cost of computing in other environments (which you are not using).

Public Cloud

Private Cloud

Hybrid Cloud

Other Cloud

10. Here are some of the factors of "Public cloud" environments mentioned below. You can mark them according to the given scale.

Scale: [ 1-Very Unimportant ; 2-Unimportant ; 3-Neutral ; 4-Important ; 5-Very Important ]

Security

Cost

Performance

Flexibility

Better functionality

11. Here are some of the factors of "Private cloud" environments mentioned below. You can mark them according to the given scale.

Scale: [ 1-Very Unimportant ; 2-Unimportant ; 3-Neutral ; 4-Important ; 5-Very Important ]

Security

Cost

Performance

Flexibility

Better functionality

12. Here are some of the factors of "Hybrid cloud" environments mentioned below. You can mark them according to the given scale.

Scale: [ 1-Very Unimportant ; 2-Unimportant ; 3-Neutral ; 4-Important ; 5-Very Important ]

Security

Cost

Performance

Flexibility

Better functionality

13. Many organizations nowadays are moving towards hybrid cloud, which is a mix of both public and private cloud. Would you prefer hybrid cloud for your organization?

Yes

No

14. If you prefer hybrid cloud for your organization, what is your opinion about this environment?

15. In the SPI (Software, Platform, Infrastructure) cloud service model, which service is used in your organization?

Software as a Service

Infrastructure as a Service

Platform as a Service

Other Service (Please Specify)

16. Why is the above selected service used at your organization?

17. Are you willing to outsource the services to multiple providers?

Yes

No

Others

18. Which IT services/applications would you prefer to outsource to a cloud computing service provider for supporting business processes?

Mail servers

Knowledge management infrastructure

Electronic record service

Payroll

Human resource

Supply Chain Management (Logistics)

Accounting and Finance

Project Management

Call center

Others

Others (Please specify)

Appendix 2

Interview Guide

1. Is the organization using cloud computing? If not, what is the other architecture the organization is using?

2. If the organization is using another architecture, is it more useful than CC? If yes, what is the reason?

3. Why is the organization not using CC? Do you find any drawbacks in CC?

4. There are some parameters in CC (like scalability, flexibility, security, performance and cost) that organizations are more concerned about. Can you see these parameters in the architecture that your organization is using?

5. Are the data centers and services like IaaS, SaaS and PaaS maintained and managed by the organization itself?

6. If you prefer CC for your organization, which cloud environment (public cloud, private cloud or hybrid cloud) do you prefer? Why?

7. What is your opinion on hybrid cloud?

8. What is your opinion about cloud services that are provided by different cloud providers?

9. Will the organization shift to CC in the future?