Cloud Computing Fundamentals

Published on
Scene 1 (0s)

Cloud Computing Fundamentals

Chitra S B.Tech , MS(VLSI) PMP

Scene 2 (8s)

[Audio] Let us start by understanding why Cloud and Cloud computing are buzz words today. Imagine you need a memory-intensive, costly software and associated graphics card for a few days. You have 2 options: Buy these and use them for a few days. It is rendered useless later. You can rent these for a low cost for few days and return back. Which do you think is better? Of course, we would choose the Rent option which is lower in cost and serves our purpose. Cloud computing can be considered as a similar option for our processing and computing needs.

Why is Cloud the buzz word?

Imagine you need a memory-intensive, costly software and associated graphics card for a few days. You have 2 options: Buy Rent Which do you think is better?

HAL Management Academy

2

Scene 3 (51s)

[Audio] Cloud computing is the Delivery of on-demand computing resources everything from applications to data centers over the internet on a pay-for-use basis. Cloud computing transforms IT infrastructure into a utility: It lets you 'plug into' infrastructure via the internet, and use computing resources without installing and maintaining them on- premises. Organizations of every type, size, and industry are using the cloud for a wide variety of use cases, such as data backup, disaster recovery, email, virtual desktops, software development and testing, big data analytics, and customer-facing web applications. For example, healthcare companies are using the cloud to develop more personalized treatments for patients. Financial services companies are using the cloud to power real-time fraud detection and prevention. And video game makers are using the cloud to deliver online games to millions of players around the world.

What is Cloud Computing?

Delivery of on-demand computing resources everything from applications to data centers over the internet on a pay-for-use basis. Examples of computing resources include:

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

3

networks (9 servers storage applications services

Scene 4 (2m 0s)

[Audio] Let's start with understanding the five essential characteristics of the cloud—which include on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. On-demand Self-service means that you get access to cloud resources such as the processing power, storage, and network you need, using a simple interface, without requiring human interaction with each service provider. Broad Network Access, means that cloud computing resources can be accessed via the network through standard mechanisms and platforms such as mobile phones, tablets, laptops, and workstations. Resource Pooling, is what gives cloud providers economies of scale, which they pass on to their customers, making cloud cost-efficient. Using a multi-tenant model, computing resources are pooled to serve multiple consumers; cloud resources are dynamically assigned and reassigned, according to demand, without customers needing to concern themselves with the physical location of these resources. Rapid Elasticity, implies that you can access more resources when you need them, and scale back when you don't—because resources are elastically provisioned and released. And Measured Service, means that you only pay for what you use or reserve as you go; if you're not using resources, you're not paying. Resource usage is monitored, measured, and reported transparently based on utilization. As we see, cloud computing is really about utilizing technology "as a service"—leveraging remote systems on-demand over the open internet, scaling up and scaling back, and paying for what you use.

5 Essential Characteristics of Cloud

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

4

1 The five essential characteristics of the cloud computing model (The... | Download Scientific Diagram

Scene 5 (3m 47s)

[Audio] There are different ways of deploying a cloud. Public cloud is when you leverage cloud services over the open internet on hardware owned by the cloud provider, but its usage is shared by other companies. In this model, a vendor makes available use of shared infrastructure including, but not limited to, compute, storage, database and network resources, that can be provisioned on demand and typically accessed over the internet for Public usage. The consumer will never see the hardware used nor know the exact physical location of their data, but they will be able to specify the geographic region in which it resides to aid with data latency depending o The National Institute of Standards and Technology defines Private Cloud as cloud infrastructure provisioned for exclusive use by a single organization comprising multiple consumers, such as the business units within the organization. It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises." n where you end users are located. A hybrid Cloud is a model that makes use of both Public and Private Clouds. This model may be used for seasonal burst traffic or for Disaster Recovery. A hybrid model is established when a network link is configured between the Private Cloud to services within the Public Cloud, essentially extending the logical internal network of the Private Cloud. This makes the benefits given from both the Public and Private models and allows you to architect your services in the most appropriate model. Community cloud is a cloud infrastructure that allows systems and services to be accessible by a group of several organizations to share the information. It is owned, managed, and operated by one or more organizations in the community, a third party, or a combination of them.

4 Deployment Models

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

5

Cloud Computing | Types of Cloud Computing Services | ESDS

Scene 6 (5m 48s)

[Audio] The services in a cloud environment fall in 3 different service models. Infrastructure as a Service (IaaS) IaaS contains the basic building blocks for cloud IT. It typically provides access to networking features, computers (virtual or on dedicated hardware), and data storage space. IaaS gives you the highest level of flexibility and management control over your IT resources. It is most similar to the existing IT resources with which many IT departments and developers are familiar.  Platform as a Service (PaaS) PaaS removes the need for you to manage underlying infrastructure (usually hardware and operating systems), and allows you to focus on the deployment and management of your applications. This helps you be more efficient as you don't need to worry about resource procurement, capacity planning, software maintenance, patching, or any of the other undifferentiated heavy lifting involved in running your application.  Software as a Service (SaaS) SaaS provides you with a complete product that is run and managed by the service provider. In most cases, people referring to SaaS are referring to end-user applications (such as web-based email). With a SaaS offering, you don't have to think about how the service is maintained or how the underlying infrastructure is managed. You only need to think about how you will use that particular software. 

3 S ervice M odels

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

6

Software Platform Application Code - Managed by User Dev Toots, and Runtimes, Databases, Analytics Managed by Provider Infrastructure Center, power, Storage ng Networking & Security

Scene 7 (7m 28s)

[Audio] Let us take a simple and interesting example to understand the service models further. If we consider Pizza analogous to our service required, the first column is where we do not use any cloud service. We prepare the dish entirely by ourselves and corresponds to the On premises architecture. 2nd, If you take precooked pizza base with toppings home and bake it yourself, you are using Infrastructure as a Service. The blue rows are managed by you and green by the service provider. 3rd, If you get the Pizza delivered, by say Dominos, you are using Platform as a Service option. Only the table where the Pizza is being served and any additional accompaniments are handled by you. 4th, If you decide to dine out and go to the restaurant to have Pizza, then the entire service is handled by the vendor. So here, you are using Software as a Service.

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

Pizza-As-A-Service helps explain today's cloud - 404 Tech Support

Scene 8 (8m 28s)

[Audio] Let us see some merits and demerits of Cloud computing: The major advantages are: Agility: The cloud gives you easy access to a broad range of technologies so that you can innovate faster and build nearly anything that you can imagine. You can quickly spin up resources as you need them–from infrastructure services, such as compute, storage, and databases, to Internet of Things, machine learning, data lakes and analytics, and much more. You can deploy technology services in a matter of minutes, and get from idea to implementation several orders of magnitude faster than before. This gives you the freedom to experiment, test new ideas to differentiate customer experiences, and transform your business. Elasticity: With cloud computing, you don't have to over-provision resources up front to handle peak levels of business activity in the future. Instead, you provision the amount of resources that you actually need. You can scale these resources up or down to instantly grow and shrink capacity as your business needs change. Cost savings: The cloud allows you to trade capital expenses (such as data centers and physical servers) for variable expenses, and only pay for IT as you consume it. Plus, the variable expenses are much lower than what you would pay to do it yourself because of the economies of scale.  Security: Public cloud vendors such as AWS and Microsoft Azure are considered to be more secure than your own data center. This is down to the fact that they have to adhere to global compliance programs across multiple industries and by applying the shared responsibility model. Some possible disadvantages include: Vulnerability to attacks: Storing data in the cloud may pose serious challenges of information theft since in the cloud every data of a company is online. A security breach is something that even the best organizations have suffered from and it's a potential risk in the cloud as well. Network connectivity dependency: Cloud Computing is entirely dependent on the Internet. This direct tie-up with the Internet means that a company needs to have reliable and consistent Internet service as well as a fast connection and bandwidth to reap the benefits of Cloud Computing. Downtime: Downtime is considered as one of the biggest potential downsides of using Cloud Computing. The cloud providers may sometimes face technical outages that can happen due to various reasons, such as loss of power, low Internet connectivity, data centers going out of service for maintenance, etc. This can lead to a temporary downtime in the cloud service. Vendor lock-in: When in need to migrate from one cloud platform to another, a company might face some serious challenges because of the differences between vendor platforms. Limited control: Cloud customers may face limited control over their deployments. Cloud services run on remote servers that are completely owned and managed by service providers, which makes it hard for the companies to have the level of control that they would want over their back-end infrastructure.

Key Advantages & Disadvantages

ADV: Agility & Time-to-value Elasticity or Scale more easily Cost savings Security DISADV: Vulnerability to attacks Network connectivity dependency Downtime Vendor lock-in Limited control:

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

8

Scene 9 (11m 55s)

[Audio] Let us quickly see how Google Drive, Google docs, sheets and slides depicts an excellent example for Cloud computing service. Cloud adoption is no longer a thing of the future. From a single individual to a global multi-billion-dollar enterprise, anybody can access the computing capacity they need on the cloud. The power, scalability, flexibility, and pay-as-you-go economics of cloud has made it the foundation for digital transformation. The International Data Corporation, IDC, predicts that by 2025, the total amount of digital data created worldwide will rise to 163 zettabytes (where one zettabyte is equivalent to a trillion gigabytes). And 30% of this data will be real-time information. Considering the unprecedented amounts of data being produced daily, and the ability to make data-driven decisions crucial to any business, cloud computing becomes essential for businesses to succeed, sustain, and compete in today's markets. A cloud strategy, more than just an IT strategy, is the core component of any business strategy today.

Google Drive/ Google Docs etc. as S aaS

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

9

Scene 10 (13m 10s)

[Audio] I hope you have obtained a fair idea about the fundamentals of Cloud computing. We will now discuss fundamentals of Cybersecurity.

Cybersecurity Fundamentals

Chitra S B.Tech , MS(VLSI) PMP

Scene 11 (13m 21s)

[Audio] Information Security, according to NIST, is the protection of information systems from unauthorized activities in order to provide confidentiality, integrity and availability. Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative. Confidentiality is similar or equivalent to privacy. For confidentiality access to resources or data must be restricted to only authorized subjects or entities. Data encryption is a common method of ensuring confidentiality. Integrity on the other hand involves maintaining the consistency and accuracy of data over its entire life cycle. Data must not be changed in transit, for example, when it is sent over the Internet or using a local a Ensuring availability requires maintenance and upgrading of hardware and software and operating system environments. It is about keeping the business operations up and running, firewalls, proxies, computers everything has to be up and running 24 by 7, 365 days. rea network. And steps must be taken to ensure that no one or an unauthorized person or subject makes any changes to our data, so it cannot be altered by unauthorized people.

What is Cybersecurity?

Information Security, according to NIST, is the protection of information systems from unauthorized activities in order to provide confidentiality, integrity and availability. Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks.

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

11

The CIA Triad – Interests and Insights

CIA Triad

Scene 12 (15m 9s)

[Audio] A vulnerability is a flaw, loophole, oversight, or error that can be exploited to violate system security policy. For example, a software or an application that has code vulnerable to a buffer or flow exploit. Threat is an event, natural or man-made, able to cause negative impact to an organization. It could be a storm or a hurricane or a hacker, for instance. An exploit is a defined way to breach the security of an IT system through a vulnerability. Like the buffer overflow example that I gave you before. An exploit could be a piece of code available on the internet to execute such attack against an application that happens to be vulnerable. A risk is the probability of an event or that an event could actually happen. In this case, the likelihood of a vulnerability to be exploited.

Vulnerability, T hreat , Exploit , and Risk

A vulnerability is a flaw, loophole, oversight, or error that can be exploited to violate system security policy. Threat is an event, natural or man-made, able to cause negative impact to an organization. An exploit could be a piece of code available on the internet to execute such attack against an application that happens to be vulnerable. A risk is the probability of an event or that an event could actually happen.

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

12

Scene 13 (16m 8s)

[Audio] The cybercriminal could be internal or external to the organization facing the cyber-attack. Based on this fact, the cybercrime could be categorized into two types: Insider Attack: An attack to the network or the computer system by some person with authorized system access is known as insider attack. External Attack: When the attacker is either hired by an insider or an external entity to the organization, it is known as external attack. The cyber-attacks can also be classified as structure attacks and unstructured attacks based on the level of maturity of the attacker. Unstructured attacks: These attacks are generally performed by amateurs who don't have any predefined motives to perform the cyber-attack. Structure Attack: These types of attacks are performed by highly skilled and experienced people and the motives of these attacks are clear in their mind. They have access to sophisticated tools and technologies to gain access to other networks without being noticed by their Intrusion Detection Systems ( IDSs).

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

13

Cybercrime/ Cyberattack Based on where from the attack occurs Insider attack External attack Based on level of maturity Structured Unstructured

Scene 14 (17m 22s)

[Audio] Phishing: It is a process of acquiring personal and sensitive information of an individual via email by disguising as a trustworthy entity in an electronic communication. The purpose of phishing is identity theft and the personal information like username, password, and credit card number etc. may be used to steal money from user account. Adware is a special type of malware which is used for forced advertising. They either redirect the page to some advertising page or pop-up an additional page which promotes some product or event. These adware are financially supported by the organizations whose products are advertised. Spyware is a special type of which is installed in the target computer with or without the user permission and is designed to steal sensitive information from the target machine. Mostly it gathers the browsing habits of the user and the send it to the remote server without the knowledge of the owner of the computer. Most of the time they are downloaded in to the host computer while downloading freeware i.e. free application programmes from the internet. Virus is a malicious code written to damage/harm the host computer by deleting or appending a file, occupy memory space of the computer by replicating the copy of the code, slow down the performance of the computer, format the host machine, etc. It can be spread via email attachment, pen drives, digital images, e-greeting, audio or video clips, etc. A virus may be present in a computer but it cannot activate itself without the human intervention. Worms are a class of virus which can replicate themselves. They are different from the virus by the fact that they does not require human intervention to travel over the network and spread from the infected machine to the whole network. Trojan horse is a malicious code that is installed in the host machine by pretending to be useful software. The user clicks on the link or download the file which pretends to be a useful file or software from legitimate source. It not only damages the host computer by manipulating the data but also it creates a backdoor in the host computer so that it could be controlled by a remote computer. Scareware: While surfing the Internet, suddenly a pop-up alert appears in the screen which warns the presence of dangerous virus, spywares, etc. in the User's computer. As a remedial measure, the message suggests the used download the full paid version of the software. As the user proceeds to download, a malicious code, known as scareware is downloaded into the host computer. It holds the host computer hostage until the ransom is paid. Ransomware is another kind of malware that employs encryption to hold a victim's information at ransom. A user or organization's critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access. Ransomware is often designed to spread across a network and target database and file servers, and can thus quickly paralyze an entire organization. It is a growing threat, generating billions of dollars in payments to cybercriminals and inflicting significant damage and expenses for businesses and governmental organizations.

Cyberthreats

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

14

6 sure signs someone is phishing you—besides email - Malwarebytes Labs | Malwarebytes Labs

Scareware

What is Adware And How Can I Get Rid Of It? | by AdBlock | AdBlock's Blog

Adware

What Is Spyware? A Look at Spyware Examples & Types

Spyware

10 Signs That Your Computer is Infected with Viruses, Malware, or Trojans

Virus

Scareware: What Is It & How to Avoid or Remove It | Avast

Phishing

Ransomware 101: What Is Ransomware and How Can You Protect Your Business?

Ransomware

Trojan horse removal: Protecting Troy | Emsisoft | Security Blog

Trojan Horse

Scene 15 (20m 56s)

[Audio] Authentication: It is a process of identifying an individual and ensuring that the individual is the same who he/she claims to be. A typical method for authentication over internet is via username and password. With the increase in the reported cases of cybercrime by identity theft over internet, the organizations have made some additional arrangements for authentication like One Time Password ( OTP). Some of the larger organizations also use VPN ( Virtual Private Network), which is one of the method to provide secure access via hybrid security authentication to the company network over internet. Encryption: It is a technique to convert the data in unreadable form before transmitting it over the internet. Only the person who have the access to the key and convert it in the readable form and read it. Formally encryption Digital Signatures: It is a technique for validation of data. Validation is a process of certifying the content of a document. The digital signatures not only validate the data but also used for authentication. The digital signature is created by encrypting the data with the private key of the sender. The encrypted data is attached along with the original message and sent over the internet to the destination. The receiver can decrypt the signature with the public key of the sender. Now the decrypted message is compared with the original message. If both are same, it signifies that the data is not tempered can be defined as a technique to lock the data by converting it to complex codes using mathematical algorithms. Antivirus: To prevent various malicious codes to enter to your system, a special program called an anti-virus is used which is designed to protect the system against virus. It not only prevents the malicious code to enter the system but also detects and destroys the malicious code that is already installed into the system. Firewall: It is a hardware/ software which acts as a shield between an organization's network and the internet and protects it from the threats like virus, malware, hackers, etc. It can be used to limit the persons who can have access to your network and send information to you. There are two type of traffic in an organization viz. inbound traffic and outbound traffic. Using firewall, it is possible to configure and monitor the traffic of the ports. Steganography: It is a technique of hiding secret messages in a document file, image file, and program or protocol etc. such that the embedded message is invisible and can be retrieved using special software. Only the sender and the receiver know about the existence of the secret message in the image.

Cybersecurity Techniques

Authentication Digital signatures Firewall

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

15

Types of Authentication Methods | Optimal IdM

What is Data Encryption? | Kaspersky

Encryption Antivirus Steganography

Electronic Signatures vs Digital Signatures

What is a Firewall? - TunnelsUP

Steganalysis and Machine Learning: a European answer

Scene 16 (24m 3s)

[Audio] Before the advent of Industry 4.0, the goal of cybersecurity involved defending organizational parameters. It's very commonly involved in protecting a private computer network. The methods used to prevent breaches include the use of firewalls, anti-malware software, intrusion detection systems among others. Even so, this approach to cybersecurity is becoming more obsolete by the day especially in an industrial context. Industry 4.0 aims to blur the boundaries between the digital and the physical worlds. From the perspective of a practitioner, the integrated and distributed nature of Industry 4.0 makes it impossible to completely secure a business from cyber-threats due to a number of reasons: Data sharing. With Industry 4.0, sharing of data and intellectual property is done across supply chains and various stakeholders. Systems are being integrated between consumers and suppliers. Data is distributed all through the systems, which means a greater security scope. Points of attack. Since these systems involve a number of stakeholders in the value chain as well as consumers, the number of user access points drastically increases. These access points are possible points of attack. The more points of attack to cover, the harder (and more expensive) it becomes to secure the whole system. Convergence of Information Technology and Operational Technology. Software and hardware boundaries are blurred. To secure these Industry 4.0 systems from end to end, it is important to consider the digital components as well as the physical ones. The methods previously used such as anti-malware, intrusion detection systems, and firewalls may fall short of the mark when involving software and different types of hardware systems. Playing catch-up. Even prior to Industry 4.0, cybersecurity threats tended to be one step ahead of potential solutions or preventive measures. It is common to set up preventive measures in a private network such as firewalls and intrusion detection systems that react to new threats that bypass such measures. However, with Industry 4.0, given the systems cut across industries and have possibly thousands of different devices and networks interacting with each other, the types of threats to anticipate increase. The possibility of new threats increases exponentially. For example, emerging threats may target a specific device among thousands in a network. This is incredibly difficult to anticipate. Even when we come to personal domain, the cybersecurity consciousness needs to be embedded within individuals. There was a recent incident where my friend's facebook account was hacked and the hacker tried messaging some of the friends in the list for some money. A few conscious people called up my friend to confirm before sending the money, whereas a few did not cross check. So Cybersecurity and internet secure practices don't just apply to huge organisations and Industry 4.0 but also to our everyday lives as well. I hope you have obtained a fair idea about the fundamentals of Cybersecurity. Thank you

Why Industry 4.0 Cybersecurity?

Data sharing.  Points of attack.  Convergence of Information Technology & Operational Technology.  Playing catch-up.

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.

16

Scene 17 (27m 35s)

[Audio] Thank you.

Thank You…

Copyright@ HMA 2021. All rights reserved. This presentation is part of the online training modules offered by HAL Management Academy through LMS.