Cloud Computing
Nennen Sie die 5 essentiellen Charakteristiken der Cloud?
On-demand self-service Broad network access Resource pooling Rapid elasticity Measured service
Was für Cloud benefits gibt es?
Reduced Cost There are a number of reasons to attribute Cloud technology with lower costs. The billing model is pay as per usage; the infrastructure is not purchased thus lowering maintenance. Initial expense and recurring expenses are much lower than traditional computing. Increased Storage With the massive Infrastructure that is offered by Cloud providers today, storage & maintenance of large volumes of data is a reality. Sudden workload spikes are also managed effectively & efficiently, since the cloud can scale dynamically. Flexibility This is an extremely important characteristic. With enterprises having to adapt, even more rapidly, to changing business conditions, speed to deliver is critical. Cloud computing stresses on getting applications to market very quickly, by using the most appropriate building blocks necessary for deployment.
Welche Key Values gibt es bei der Hybrid Cloud?
1) Enables a highly cost-effective, rapidly responsive and elastic IT, better aligned with the business needs in order to support two speed IT. 2) Provides a portfolio of business and IT services that leverage the best capabilities of cloud service providers, enabling flexibility in what can be built and where it can be deployed. 3) Enables the business to innovate faster while leveraging existing systems and capabilities.
Welche Basis-Operationen gibt es für das Application Placement?
1. Place the application and its datasets into a public cloud environment connecting to existing enterprise applications and datasets onpremises as required. 2. Place the application and its datasets into a private cloud environment connecting to existing enterprise applications and datasets onpremises as required. 3. Place the application on-premises (or into a private cloud environment) and link to public cloud services as required to obtain new or specialized capabilities. 4. Place some components of the application and its datasets into a public cloud environment while placing other components into a private cloud service and/or an on-premises non-cloud environment, linking them together as required.
Welche Service Modelle gibt es?
3 service models: SaaS: Software as a Service PaaS: Platform as a Service IaaS: Infrastructure as a Service
Welche Deployment Modelle gibt es?
4 deployment models: Private Cloud Community Cloud Public Cloud Hybrid Cloud
Was ist bei Security controls zu beachten?
A security control acts as a tool to restrict a list of possible actions down to those that are allowed or permitted. An industry group, called the The Cloud Security Alliance, has documented a complete list of data security controls in a reference called the Cloud Control Matrix. This matrix is an important tool and is designed to help the security professional identify and selected data security controls, based on the applicable industry regulations or security governance environment. Controls are generally described as being within one of three categories: § Administrative: regulations, policies, laws, guidelines, and practices governing the overall information security requirements and controls § Logical: Virtual technical and application controls such as firewalls, encryption, anti-virus software, and maker/checker routines § Physical: used to manage physical access like a key to a door. Other physical controls include gates and barricades, video surveillance systems, the use of guards, and remote backup facilities
Was bedeutet network access?
Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).
Was ist bei dem Deployment zu beachten?
Cloud application deployment involves both programming interfaces and cloud-specific packaging technologies. This operational requirement may include traditional packaging mechanisms like EAR/WAR files and .Net assemblies. Building and deploying a VM image should be simple and portable between different hybrid infrastructure environments. Any required compensations should be well known and mechanisms for attaching storage to VMs well understood.
Was ist cloud provisioning?
Cloud provisioning refers to the processes for the deployment and integration of cloud computing services within an enterprise IT infrastructure. This is a broad term that incorporates the policies, procedures and an enterprise's objective in sourcing cloud services and solutions from a cloud service provider.
Was bedeutet Community Cloud?
Community cloud. The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.
Welche Herausforderungen sind bei einem Data Center zu Bewerkstelligen?
Connectivity - Traffic Flow § Scalability - scale as one logical entity § Complexity - raises as DCs grow
Aus welchen Komponenten besteht die API Management Architektur?
Crate, Run, Manage, Secure
Wer is der Cloud Service Provider (CSP)
Creates, manages, and delivers information technology services to the service consumer. Provider tasks vary based on the service model
Welche Cloud Challenges kennen Sie?
Data Protection Data Recovery and Availability Management Capabilities Regulatory and Compliance Restrictions
Was muss bei der Hybrid Cloud berücksichtig werden bezüglich Applikations und Data?
Defining the right application and data deployment model is a critical step in the journey to use hybrid cloud. The right deployment model positions IT to align with business needs and enable achievement of objectives. The cloud deployment model must address the following: § What cloud resources should be deployed § What applications, services and data should go where
Welche delivery models kennen Sie im bezug auf provisioning?
Dynamic/On-Demand Provisioning: The customer or requesting application is provided with resources on run time. § User Provisioning: The user/customer adds a cloud device or device themselves. § Post-Sales/Advanced Provisioning: The customer is provided with the resource upon contract/service signup
Was ist bei Privacy zu beachten?
General Data Protection Regulation (GDPR)
Was bedeutet Hybrid Cloud?
Hybrid cloud. The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities, but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
Beschreiben Sie Single Point of Failure:
In redundant architectures, duplicate components eliminate the single point of failure present when only one device or component is present in the layer. With one component in a layer, there is only one way in and one way out. A second device adds multiple ingress and egress points to the design, eliminating the single point of failure associated with single-component layer designs.
Was bedeutet IaaS?
Infrastructure as a Service (IaaS). The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications. The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).
Wer ist der Serivce Consumer?
Ist derjenige der den Cloud Dienst tatsächlich konsumiert
Was ist bei den Lifecycle management zu beachten?
Lifecycle management of applications and documentation is a continuous challenge to all organizations. Tasks that fall within this requirement include - versioning, - data retention, and destruction and - information discovery. § Legal liabilities can be substantial if due diligence is not effective in identifying regulatory and legal restriction in this area.
Beschreiben Sie Horizontal Scaling:
Load balancing is a major design component when adding redundancy to designs. A single load balancer will help delegate traffic across multiple servers, but a single load balancer creates another single point of failure. For redundancy, two or more load balancers are added to designs. Load balancers control traffic patterns. There are many interesting configurations to consider when deciding how to control and distribute traffic. Distribution may relate to traffic type, content, traffic patterns, or the ability of the servers to respond to requests. Load balancers help to handle traffic logically
Was bedeutet Measure Service?
Measured service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.
Was bedeutet Identity Management ?
Most cloud computing solutions can leverage industry-specific identity management standards and protocols, such as SAML and OAuth. These may also need to interact with traditional standards such as RosettaNet or OASIS. Although the specific standard may vary between applications, the solution must be able to handle all access and data authorization scenarios efficiently.
Was ist bei Location awareness zu beachten?
National data sovereignty laws are expanding globally. These new requirements not only apply to how an organization handles data but it also equally apply to data managed on the organization's behalf. The associated requirement may include legal restrictions on the location of the physical server when organizational data is present. Meeting locationdependent legal requirements may require the use of APIs that determine the location of the physical hardware associated with the delivery of all cloud services.
Service provisioning process:
Network service provisioning: The administrators allocate network resources to specified services or applications on the cloud platform. § Computing service provisioning: The administrator creates, deletes, and migrates computing and storage resources on the cloud platform.
Was bedeutet On-Demand self-service?
On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
Was bedeutet Application programming interface (API)?
Organizations and practitioners alike need to understand and appreciate that cloud-based development and applications can vary from traditional or on-premise development. When considering an application for cloud deployment, one must remember that applications can be broken down into the following subcomponents: § Data § Functions § Processes These components can be further broken up, so that portions that have sensitive data run in a traditional data center and less sensitive data runs in a cloud computing environment. It is also important for developers to understand that, in many cloud environments, access is acquired through the means of an application programming interface (API). These APIs will consume tokens rather than traditional usernames and passwords. APIs can be broken down into two formats: § Representational state transfer (REST) § Simple object access protocol (SOAP) The application programming interfaces (APIs) are a means for a company to expose functionality to applications. Some benefits of APIs include the following: § Programmatic control and access § Automation § Integration with third-party tools
Welche Cloud opportunities und Risiken kennen Sie?
Outsource & automate routine tasks Security & privacy
Was bedeutet PaaS?
Platform as a Service (PaaS). The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
Was bedeutet Private Cloud?
Private cloud. The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
Was bedeutet Public Cloud?
Public cloud. The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
Was bedeutet Rapid elastictiy?
Rapid elasticity. Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
BEschreiben Sie Redundancy and Resiliancy:
Redundancy is something that is done to prevent failure, implying that it happens before an issue happens. Resiliency, from the word resolve, relates to how to find solutions after a problem has occurred.
Was bedeutet Resource pooling?
Resource pooling. The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, and network bandwidth.
Nennen Sie eigenschaften von Amazon Elastic Compute Cloud
Scale capacity according to needs Pay only for actually used capacity Choose Linux or Windows Deploy across AWS Regions and Availability Zones
Welche Archtekturcharakteristika kennen Sie?
Single Point of Failure, Redundancy vs. Resiliancy, Horizontal Scaling
Was bedeutet SaaS?
Software as a Service (SaaS). The capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings.
Welche Operational Requirements gibt es zu Portability and interoperability?
Specific technology categories where portability and interoperability standards should be specified include the following: § Data: Enabling the reuse of data components across different applications. Since data interoperability interfaces do not currently exist, this may require the use of data virtualization techniques. § Applications: This focuses on interoperability between application components. These have SaaS deployed components, application modules leveraged in a PaaS, or infrastructure components consumed as IaaS. Similar issues arise in a hybrid environment when interfacing with a traditional enterprise IT environment or with client endpoint devices. Application portability enables the re-use of all application components across the entire hybrid IT environment. § Platforms: This category addresses the re-use of service bundles that may contain infrastructure, middleware, or application components along with any associated data. § Infrastructure: Interoperability and portability associated with various hardware virtualization technologies and architectures. § Management: Management interoperability is interoperability between cloud services (SaaS, PaaS, or IaaS) and programs concerned with the implementation of on-demand self-service. Management may also include application programs concerned with the deployment, configuration, provisioning, and operation of cloud resources. § Publication and acquisition: The self-service aspect of cloud computing gives end users the ability to acquire software, data, infrastructure and various other cloud services. Developers can also publish applications, data, and cloud services via online marketplaces. This category addresses interoperability between platforms and cloud service marketplaces, including app stores.
Was sind Hybrid Cloud per Definition?
The ISO 17788 Cloud Computing Overview and Vocabulary standard [2] defines hybrid cloud as "a cloud deployment model using at least two different cloud deployment models" - where the potential deployment models are public cloud, private cloud and community cloud.
Was it der Fabric Layer?
The data center fabric, generically, is the layout of how the computing, networking, and software components of a data center work together to deliver IT services. It is also the name of Facebook's specific data center plan called "data center fabric."
Was muss beachtet werden wenn eine cloud geplant wird?
The expected number of concurrent users for every application or service § User growth rates over an annual period § The variability of user demand and for any apparent temporal cycle (that is, time of day, day of the week, week of the month, month of the year) § User consumption differences based on the user's geographic location § Breadth across the population and frequency in the use of mobile devices and mobile applications § Types, models, and operating systems of mobile devices used § Device ownership options § Variability of user characteristics based on functional entity association, including any economic variable measured or tracked by separate organizational entities or consolidated across the entire user base § Important business continuity or disaster recovery concerns are driven by end user location, end user devices, operational process considerations, or the usage cycle
Was sind die Hauptbedenken bei der Hybrid Cloud?
The major concern of hybrid cloud deployment is to ensure effective and efficient integration of all the components in the three groups in the Figure, taking into account the interfaces between them.
Was ist bei Metering and monitoring zu beachten?
The pay-as-you-go cloud computing model requires consistent and ubiquitous metering and monitoring of all cloud services. This capability is essential to an effective cost control, internal charge-backs, and service provisioning process.
Welche Tasks hat der CSP bei SaaS?
The provider installs, manages, and maintains all software. Service consumers only have access to the application
Welche Tasks hat der CSP bei PaaS?
The provider manages and provides a standardized application development environment. This is typically in the form of a development language framework
Welche Tasks sind im Management Layer vom provider?
This layer meters and monitors the use of all services. It also provisions and deprovisions services based on user demand and service provider capacity. Management also includes billing, capacity planning, SLA management, and reporting. Security is applied across all aspects of the service provider's operations
Wie sieht eine typische 3-schichten architektur aus?
Tier 1: Web Server Tier 2: Application Server Tier 3: DataBase Server
Was ist bei Open client zu beachten?
Ubiquitous access to cloud services levies a requirement for the use of open clients and endpoint devices. The use of vendor-specific endpoints violates this essential requirement as cloud services should not require the use of vendor-specific platforms or technologies.
Welchen Zweck erfüllt Common Infrastructure File Formate?
Virtual machine portability is a significant concern in a cloud computing environment. Concerns are especially valid in a hybrid IT deployment. Any enterprise solution should address possible differences in both the VM file format and the process for attaching storage to VMs.
Was bedeutet Virtualization?
Virtual machines & Containers: Hypervisor: Well-known Hypervisors: KVM (Open Virtualization Alliance) Xen (Citrix, Amazon) VMWare VirtualBox (Multi-platform software & hardware-assisted virtualization) Hyper-V (Microsoft)
Welche Komponenten sind im Control Layer?
Virtualization Management § Vmware (vCenter, VRM) § HyperV Manager § Cloud Operations & Monitoring & Analytics § Nagios, CloudWatch, OpenNebula, Azure FC § Outlyer
Was ist bei Data and application federation zu beachten?
When combining data from multiple cloud-based sources, enterprise applications need to coordinate the applications activities that may span multiple platforms; cloud managed service provider and traditional data centers. Hybrid environments require implementing data federation and virtualization techniques across the various environments.
Was steckt hinter der Idee von Federated Identity?
When operating in a hybrid environment, the idea is to have the user maintain responsibility for a single ID with the infrastructure federating all other required identities. This federation would include the primary identity needed by an end user and all associated enterprise roles that the user is likely to hold within the enterprise.
Beschreiben SIe den Create Vorgang bei API Management?
covers the development lifecycle: § design, model, test, build and deploy
Beschreiben Sie en Run Vorgang bei API Management:
covers the performance, scalability, load and resilience of the API runtime platform.
Beschreiben Sie den Manage Vorgang bei API Management:
covers the publicizing, socializing, management, governance and cataloging of APIs aswell as the user management of API consumers and providers. It also covers the monitoring,collection and analysis of API metrics
Beschreiben Sie den Secure Vorgang bei API Management:
covers the runtime security enforcement of APIs in terms of authentication,authorization, rate limits, encryption and proxying of APIs.
Welche Security Aspekte behandelt die NIST-Spezifikation?
the organization is accountable for the choice of public cloud and the security and privacy of the outsourced service. it is essential for an organization to oversee and manage how the cloud provider secures and maintains the computing environment and ensures data is kept secure. security and privacy objectives of an organization is a key factor for decisions about outsourcing information technology services. biggest obstacles facing public cloud computing is security, the cloud computing paradigm provides opportunities for innovation in provisioning security services.
Welche Tasks hat der CSP bei IaaS?
the provider maintains and operates the facilities, hardware, virtual machines, storage, and network associated with the delivery of any information technology service. The service consumer, however, is responsible for service design, operations, and delivery
Welche Sicherheitsaspekte bei Cloud Computing?
§ Application Security § Encryption and Key Management § Identity, Entitlement, and Access Management § Hypervizor Tampering
Was für Operational Requirements gibt es?
§ Application programming interface § Common infrastructure file formats -VMs § Data and application federation § Deployment § Federated identity § Identity management § Portability and interoperability § Lifecycle management § Location awareness § Metering and monitoring § Open client § Availability § Privacy § Resiliency § Auditability § Performance § Management and governance § Transaction and concurrency across clouds § SLAs and benchmarks § Provider exit § Security § Security controls § Distributed computing reference model
Was ist bei Auditability zu beachten?
§ Auditability describes the extent to which a cloud service consumer can conduct a thorough and accurate assessment of the cloud service provider's ability to deliver and appropriately account for the cost of delivering a cloud service. § This sort of data is typically driven by legal or regulatory requirements and is often foundational to an organization's ability to use a service at all. § The solution architect should be aware of all audit requirements and advise mission/business owners on the service's ability to meet them.
Was sind Cloud Service (Level) Agreements ?
§ CSAs are a set of documents or agreements that contain the terms governing the relationship between the cloud customer and the cloud service provider. § Because the cloud computing market is still developing, cloud customers should be aware that there may be a mismatch between their expectations and the cloud providers' actual service terms. § In general, the CSA is comprised of three major artifacts: § Customer Agreement § Acceptable Use Policy (AUP) § Service Level Agreement (SLA)
Was ist bei Security in Bezug auf OPRE zu beachten?
§ Cloud computing security is always a significant concern but focuses primarily on user data privacy. § When using cloud services, end users do not have control of storage location. § Apart from SLA-specified limitations, they also lack specific knowledge of storage location.
Was ist bei Availability zu beachten?
§ Cloud service availability describes the degree to which a specific service is in a specified operable and committable state if a provisioning a request at a random time. § Availability is usually expressed as a percentage and stated in the CSP service level agreement. § The CSP sets availability, but additional payments can enhance this value. § The solution architect should be aware of all service availability rates and advise mission/business owners on the service's ability to meet organizational goals.
Was ist bei SLAs and benchmarks zu beachten?
§ Companies that sign SLA-backed contracts should also establish a standard way of benchmarking CSP performance. § SLA should not only specify minimum requirement and variability expectations, but it should also specify appropriate remedies to the consumer should the CSP fail to meet a service level or restore services to the appropriate level within a specified period. § Service definitions and metrics should be unambiguous.
Aus welchen Phasen besteht der Data security life cycle?
§ Create: The generation or acquisition of new digital content, or the alteration/updating of existing content. Creation can happen internally in the cloud or externally after the data is imported into the cloud. The creation phase is the preferred time to classify content according to its sensitivity and value to the organization. Careful classification is necessary because weak security controls could be implemented if the content is classified incorrectly. § Store: Committing digital data to a storage repository; typically occurs nearly simultaneously with creation. When storing data, protection should align with its classification level and controls, such as encryption, access policy, monitoring, and logging, and backups should be implemented to avoid data threats. Content can be vulnerable to attackers if access control lists (ACLs) are not well implemented, or files are not scanned for threats or classified incorrectly. § Use: Viewing or processing, or otherwise used in some activity, not including modification. Data in use is most vulnerable because it might be transported to unsecured locations such as workstations. § Share: Information made accessible to others, such as between users, to customers, and to partners. Since shared data is no longer under the organization's control, maintaining security can be difficult. Data loss prevention technologies can be used to detect unauthorized sharing, and data rights management technologies can be used to maintain control over the information. § Archive: Data leaves active use and enters long-term storage. Considerations of cost versus availability can affect data access procedures. Data placed in an archive must still be protected according to its classification. Regulatory requirements must also be addressed, and different tools and providers might be part of this phase. § Destroy: The permanent destruction of data using physical or digital means (for example, crypto-shredding). The destroy phase can have different technical meanings according to usage, data content, and applications used. Data can be destroyed through the logical erasure of pointers or via permanent data destruction using physical or digital means. Consideration should be given according to regulation, type of cloud being used (IaaS versus SaaS), and the classification of the data:
Was ist bei Data privacy zu beachten?
§ Data subject: An identifiable subject is one who can be identified, directly or indirectly, in particular by reference to an identification number or one or more factors specific to his physical, physiological, mental, economic, cultural, or social identity [telephone number, IP address]. § Controller: The entity which alone, or jointly with others, determines the purposes and means of the processing of personal data. When national or community laws or regulations determine the purposes and means of processing data, the controller may be designated by national or community law. § Processor: A natural or legal person, public authority, agency, or any other body that processes personal data on behalf of the controller. § Data owner: An entity that can authorize or deny access to data and is the authority responsible for its accuracy, integrity, and timeliness.
Wozu benötigen wir einen Plan für die Hybrid Cloud?
§ Ensure security while doing business faster § Deliver products and services more efficiently § Collaborate more effectively § Offer more services while saving money § Improve outcomes through more opportunities
Welches Cloud Service Model ist bei der Hybrid Cloud am besten geeigent(Use-Cases)
§ IaaS: well suited to cases where the application and its required software stack already exist and are well understood by the enterprise - move the whole set of software into one or more virtual machines with associated storage resources. § PaaS: well suited to applications built for runtimes and services supported by a complete middleware platform, especially where the enterprise wants to be relieved of the burden of maintaining and operating complex software stacks if required by the application. Also particularly suited to creating new custom applications with minimum effort and risk. § SaaS: well suited to cases where the enterprise wants to avoid the costs and risks of developing custom applications, where standard offthe- shelf cloud services provide the required businesscapabilities.
Welche Arten von Data classification gibt es?
§ Information classification: High-level descriptions of critical information categories. The goal is to define high-level categories to determine appropriate security controls. § Information management policies: Policies that define allowed activities for different data types. § Location and jurisdictional policies: Where data can be located geographically. Legal and regulatory restrictions drive this. § Authorizations: Define which employee/user types are allowed to use or access which types of information. § Ownership: The ultimately responsible party for the protection of information. § Custodianship: Who is responsible for managing the information, at the direction of the owner.
Was ist bei Resiliency zu beachten?
§ Resiliency refers to the ability of a cloud service to recover from service delivery difficulties or failure. The CSP sets resiliency levels, but additional payments can enhance the property. § The solution architect should be aware of all service resiliency specifics and advise mission/business owners on the service's ability to meet organizational goals.
Welche metriken sind relevant um Cloud Service Provider zu vergleichen?
§ Service response time (delay): The latency time between service request and service completion § Service throughput: The number of jobs processed by the service provider within a set time unit § Service availability: The probability that the service provider accepts a customer service request at any time § System utilization: The percentage of system resources being used for service provisioning § System resilience: The stability of system performance over time, especially under bursty loads § System scalability: The ability of a system to perform well with size or volume changes § System elasticity: The ability of a system to adapt to changes in its loads
Welche Baseline Architecture Typen kennen Sie?
§ Single Server § Single Site: --§ Non-redundant 3-Tier architectures --§ Redundant 3-Tier architectures
Was ist bei dem Provider exit zu beachten?
§ The cloud solution architect should prioritize risk mitigation as part of any solution design. § Setting this as a priority dictates a carefully designed provider exit strategy plan before consuming any cloud service. § Risk mitigation requires the identification and verification of secondary, and in some cases, a tertiary, supplier for all cloud service deemed crucial to the enterprise.
Was ist bei Management and governance zu beachten?
§ The ease of use associated with to opening an account and using cloud services creates the risk of abuse in the provisioning and consumption of cloud-based services. Cloud industry leaders often highlight this risk as a significant security risk. Organizations must, therefore, establish strict management and governance procedures. § Recommendations are to include tracking for initiation and use of cloud services like storage, databases, and message queue volumes. Establishment and enforcement of governance are critical to successfully following government regulations, as well as industry and geography-specific policies.
Was bedeutet das Distributed computing reference model ?
§ The various cloud service models expose applications, platform and infrastructure components in many different and unique ways. § The different interfaces between the various components create a foundation for the distributed computing reference model. § The open group created the model as a means for identifying and managing the interoperability and portability of cloud computing solutions. § The architect should also note that the execution of all interactions is through industry standards, user-developed or vendor-specific APIs, or web services.
Was ist bei Transaction and concurrency across clouds zu beachten?
§ When operating across a cloud ecosystem, the sharing of applications and data drives the requirement for ACID transactions and concurrency. § Any changes made by any member of the ecosystem must be visible, auditable and reliable. § Specific to this requirement is an expanding use of blockchain and related technologies across the cloud computing industry.
Was ist bei Performance zu beachten?
§ While the service level agreement outlines the minimum level of service expected from a provider, performance may still vary widely across any specified parameter set. § Service components that lie entirely outside the provider or consumer's control may drive variability. § Things like network bandwidth limitations or abnormally large service provisioning request can dramatically affect the cost or availability of a service. Performance variability and auditing should, therefore, be directly addressed by the cloud solution architect.
Welche Operativen Ziele hat cloud?
§Simplicity § Manage operational complexity §Efficiency § Support for diverse resources §Flexibility § Rapid deployment, scaling, reconfiguration
