Author: Albert Su
Date: May 1, 2021
Since cyber is supposed to be a part of space, cyberspace, Nibiru is a supposed planet according to NASA (Space.com, n.d.). A twelfth planet, Nibiru was rumored to be on a collision course with Earth. Unlike this distant planet, the cyber topic of cloud computing is closer to Earth. In cloud computing, data and services models are as mysterious as Nibiru. The cloud is capable of storing large amounts of data and offers a range of service applications such as Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS). One only needs to peer through a telescope to find the cloud’s infrastructure (e.g., servers, storage, networking). Closer to the ground, the user sees through a lens the things (e.g., IoT devices, smartphones, industrial control systems) of the Internet through fog computing. The topic of cyber is exploratory, from cybersecurity threats in cyberspace to infrastructure threats in cloud computing.
According to the National Institute of Standards and Technology (NIST), cloud computing is model a convenient, on-demand, network-accessible with configurable computing resources (e.g., networks, servers, storage, applications, and services) (Cho et al., 2021). According to Synergy Research Group, Software-as-a-Service (SaaS) is growing approximately 30% annually, with software vendors researching $23 billion in 2019. According to NIST, the challenges of securing against cyber-attacks are referenced in cloud computing architecture (Mell, 2012). In NIST Special Publication 800-146 (NIST, 2012), listed are the security issues derived from cloud definitions and reference architecture.
These architectural components with a derivation of security issues consist of a cloud broker, on-demand provisioning, resource pooling, service models (e.g., PaaS, SaaS), infrastructure as a service (IaaS), broad network access to possibly untrustworthy client devices, and measured service usage (e.g., SLA) (Mell, 2012). Multiple security controls from the general-purpose control framework in NIST Special Publication 800-53 are mapped to each control catalog defined in NIST 800-146. Each control needs to be defined with the service models and deployment models.
A cornerstone of cloud computing is virtualization. Virtualization is defined as the abstraction of the hardware resources virtualized into four elements: storage, process computing resources, memory, and network (I/O). The cloud architecture is heavily dependent on virtualization, where public clouds often reuse the hardware (CPU, hard drives, cache memory). Since public cloud providers share hardware (e.g., servers, storage, memory), the sharing of virtualization products is vulnerable to security risks. According to Nanavati et al. (2014), these risks include virtualization components starting from the hypervisor. The hypervisor virtualizes the hardware to simultaneous execution of OS instances at the same time called side-channels. These side channels are complex multiplexing communications of processors, memory storage (cache), data storage, and multi-tenant infrastructure. This multi-tenant infrastructure cloud service exposes some risk to provisioning affecting the confidentiality of the data.
Affecting confidentiality of the data, cloud deployment models are referred to as the private cloud, community cloud, public cloud, and hybrid cloud. According to NIST (2012), private cloud infrastructure is provisioned exclusively for a single organization and may be owned, managed, and operated by that organization, third party, or a combination. This private infrastructure may exist on or off-premises. A community cloud infrastructure is provisioned for a specific community of consumers from organizations with shared interests (e.g., security requirements, mission, compliance) and may be owned, managed, and operated by that organization, third party, or a combination. This private infrastructure may exist on or off-premises. A public cloud infrastructure is provisioned for use to the public. It is owned, managed, and operated by an organization (e.g., business, academic, government), and it exists at the cloud provider on-premises. A hybrid cloud infrastructure is a combination of two distinct cloud infrastructures (e.g., private, community, or public). The bound infrastructures enable proprietary technology, data, and applications the portability balancing between clouds.
Internet of Things (IoT)
The Internet of Things (IoT) technology has enabled billions of devices, sensors, actuators, and objects connected to the Internet (Abbasi et al., 2020). These devices generate massive amounts of processable data requiring cloud computing, storage, and networking. The processing speed between each layer increases the response time and latency. These layers include the cloud layer, fog layer, edge layer, and Things (e.g., IoT, robotics, smart devices). Each layer imposes propagation delays from Things to Cloud due to distance (devices to data center), bandwidth limitation (Internet speed), device resource constraints (IoT computational needs), and security (authentication, access).
Power Usage Effectiveness (PUE)
According to the US data center, in 2013, 91 billion kWh of electricity was consumed, equivalent to two years of energy consumption of New York households (Xu & Buyya, 2020). In 2020, the energy consumption predicted was 140 billion kWh, equivalent to 150 million tons of carbon emissions. To calculate the efficiency, Power Usage Effectiveness (PUE) is a ratio of the data centers use of energy compared to how much energy the data center is consuming. As infrastructure resources from computing, storage, networking, and cooling are consumed, the carbon footprint from data centers can be improved by resource utilization.
Mobile Cloud Computing
According to Renaud Larsen of Juniper Networks (Chopra, 2018), cloud mobility basics add latency to each network layer. The Mobile Cloud Computing (MMC) model consists of several layers, each adding latency. The four layers consist of (1) servers and virtual machines (VMs), (2) Internet cloud, (3) wireless access point (WAP), and (4) mobile devices. The current gap is the innovative mechanisms needed for cloud computing to address the last-mile quality, reduce latency, and deliver localized mobile computing.
The challenges of cloud computing extend beyond service (e.g., SaaS, PaaS, IaaS) and deployment models (e.g., Private cloud, community cloud, public cloud, and hybrid cloud). As layers of the cloud are added, latency increases in mobile coverage with remote, last-mile locations. The challenge to last-mile cloud nodes is insufficient access to the Internet and cloud resources (e.g., intermittent Internet connections, quality of the signal, bandwidth, and processing power).
- Problem – Identify a large problem affecting the world.
- Solution – Propose a radical solution for solving that problem.
- Technology – Provide a reason with analysis and research methods (quantitative, qualitative, mixed) that these technologies can work.
Abbasi, M., Yaghoobikia, M., Rafiee, M., Jolfaei, A., & Khosravi, M. R. (2020). Efficient resource management and workload allocation in fog–cloud computing paradigm in IoT using learning classifier systems. Computer Communications, 153, 217-228.
Cho, S., Hwang, S., Shin, W., Kim, N., & In, H. P. (2021). Design of Military Service Framework for Enabling Migration to Military SaaS Cloud Environment. Electronics, 10(5), 572.
Chopra, R. (2018). Chapter 3&4: Advanced cloud applications. In Cloud computing: An introduction. Mercury Learning & Information.
Mell, P. (2012). What’s Special About Cloud Security? IT Professional Magazine, 14(4), 6-8.
Nanavati, M., Colp, P., Aiello, B., & Warfield, A. (2014). Cloud security: A gathering storm. Communications of the ACM, 57(5), 70-79.
NIST. (2012). Cloud Computing Synopsis and Recommendations. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-146.pdf.
Space.com. (2019). Nibiru: The Nonexistent Planet. https://www.space.com/15551-nibiru.html
Xu, M., & Buyya, R. (2020). Managing renewable energy and carbon footprint in multi-cloud computing environments. Journal of Parallel and Distributed Computing, 135, 191-202.