Directions: Answer each question individually and respond with
full knowledge and understanding. Use 100% original work and
turn in on or before the date requested.
1. How did you apply the knowledge, skills, and attitudes from
previous courses to the application of your capstone project?
What did you learn from those experiences that prepared you for
the capstone?
2. After implementing your capstone, you will have an
opportunity to conduct a post-assessment and evaluate the
success of the project. Before getting the results, what do you
expect to learn from the post-assessment? Do you feel your
capstone project was successful? What could you have done
differently or improved upon?
3. Now that you have finished your capstone project, reflect on
its function, purpose, and success with your classmates. What
do you wish you had known before starting? If you wanted to
continue the project, what would be your next steps?
4. During this topic, you will compile a leadership portfolio that
encapsulates key assignments that helped shape you as a leader.
How will this portfolio reflect your vision as a leader? How
does it demonstrate your growth throughout the program?
School of Computer & Information Sciences
ITS-532 Cloud Computing
Chapter 5 – Identity as a Service (IDaaS)
Content from:
Primary Textbook: Jamsa, K. A. (2013). Cloud computing:
SaaS, PaaS, IaaS, virtualization, business models, mobile,
security and more. Burlington, MA: Jones & Bartlett Learning.
Secondary Textbook: Erl, T., Mahmood, Z., & Puttini, R.
(2014). Cloud computing: concepts, technology, & architecture.
Upper Saddle River, NJ: Prentice Hall.
Learning Objectives
Describe challenges related to ID management.
Describe and discuss single sign-on (SSO) capabilities.
List the advantages of IDaaS solutions.
Discuss IDaaS solutions offered by various companies.
IDaaS Defined
Identity (or identification) as a service (IDaaS)—Cloud-based
approaches to managing user identities, including usernames,
passwords, and access. Also sometimes referred to as “identity
management as a service.”
Identity and Access Management (IAM)
Identity and Access Management includes the components and
policies necessary to control user identity and access
privileges.
Authentication
Username/Password, digital signatures, digital certificates,
biometrics
Authorization
Granular controls for mapping identities and rights
User Management
Creation and administration of new user identities, groups,
passwords, and policies
Credential Management
Establishes identities and access control rules for user accounts
(Erl, 2014)
Single Sign-On (SSO)
Single sign-on (SSO)—A process that allows a user to log into
a central authority and then access other sites and services for
which he or she has credentials.
Advantages of SSO
Fewer username and password combinations for users to
remember and manage
Less password fatigue caused by the stress of managing
multiple passwords
Less user time consumed by having to log in to individual
systems
Fewer calls to help desks for forgotten passwords
A centralized location for IT staff to manage password
compliance and reporting
Disadvantages of SSO
The primary disadvantage of SSO systems is the potential for a
single source of failure. If the authentication server fails, users
will not be able to log in to other servers.
Thus, having a cloud-based authentication server with system
redundancy reduces the risk of system unavailability.
How Single Sign On Works
The single sign on mechanism enables one cloud service
consumer to be authenticated by a security broker. Once
established, the security context is persistent when the
consumer accesses other cloud based IT resources.
(Erl, 2014)
Figure 10.9 - A cloud consumer provides the security broker
with login credentials (1). The security broker responds with an
authentication token (message with small lock symbol) upon
successful authentication, which contains cloud service
consumer identity information (2) that is used to automatically
authenticate the cloud service consumer across Cloud Services
A, B, and C (3).
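The three numbered steps of Figure 10.9, as an added sketch that is not code from the slides or the cited textbooks. The token format (JSON claims signed with HMAC-SHA256 under a key shared by the broker and the services), the function names, and the user store are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json

# Assumptions for this sketch (none of it is from the slides): one HMAC key
# shared by the broker and the services, a JSON claims payload, and a
# constructed user store with a constructed password.
BROKER_KEY = b"constructed-demo-key"
SALT = b"constructed-salt"
TOKEN_TTL = 300  # seconds the security context stays valid
SERVICES = ["service-a", "service-b", "service-c"]


def _pw_hash(password):
    """Salted, iterated hash so the broker never stores the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)


USERS = {"alice": _pw_hash("correct horse battery")}


def _b64(data):
    return base64.urlsafe_b64encode(data).decode()


def _sign(payload):
    return hmac.new(BROKER_KEY, payload, hashlib.sha256).digest()


def broker_login(username, password, now):
    """Steps (1)-(2): check the credentials once, return a signed token or None."""
    supplied = _pw_hash(password)
    stored = USERS.get(username)
    if stored is None or not hmac.compare_digest(stored, supplied):
        return None
    claims = {"sub": username, "exp": now + TOKEN_TTL, "aud": SERVICES}
    payload = json.dumps(claims, sort_keys=True).encode()
    return _b64(payload) + "." + _b64(_sign(payload))


def service_accepts(service, token, now):
    """Step (3): a cloud service checks the token instead of asking for a password.

    Returns the authenticated username, or None if the token is malformed,
    not signed by the broker, expired, or not issued for this service.
    """
    try:
        payload_b64, sig_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        signature = base64.urlsafe_b64decode(sig_b64)
    except (ValueError, AttributeError):
        return None
    # Verify the signature before parsing or trusting any claim.
    if not hmac.compare_digest(signature, _sign(payload)):
        return None
    claims = json.loads(payload)
    if now >= claims["exp"] or service not in claims["aud"]:
        return None
    return claims["sub"]


if __name__ == "__main__":
    token = broker_login("alice", "correct horse battery", now=1000)
    for name in SERVICES:
        print(name, "->", service_accepts(name, token, now=1010))
    print("after expiry ->", service_accepts("service-a", token, now=1300))
```

Every service that trusts the broker key accepts the same token, which is the convenience of SSO and also why the token lifetime and the protection of the broker key matter.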
Federated ID Management
FIDM describes the technologies and protocols that combine to
enable a user to bring security credentials across different
security domains (different servers running potentially different
operating systems).
Security Assertion Markup Language (SAML)
Behind the scenes, many FIDM systems use the Security
Assertion Markup Language (SAML) to package a user’s
security credentials.
Account Provisioning
The process of creating a user account on a system is called
account provisioning.
Because different employees may need different capabilities on
each system, the provisioning process can be complex.
When an employee leaves the company, a deprovisioning
process must occur to remove the user’s accounts.
Unfortunately, the IT staff is not always immediately informed
that an employee no longer works for the company, or the IT
staff misses a server account and the user may still have access
to one or more systems.
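The missed-account problem described above can be checked for by reconciling the HR roster against each system's account list. This is an added example, not material from the slides or textbooks; the roster layout, system names, and account names are constructed for illustration.

```python
from datetime import date

# Constructed sample data: an HR roster and the account lists exported
# from three systems. Field names and values are assumptions.
HR_ROSTER = {
    "alice": {"status": "active", "left": None},
    "bob": {"status": "terminated", "left": date(2024, 3, 1)},
    "carol": {"status": "active", "left": None},
}
SYSTEM_ACCOUNTS = {
    "mail": ["alice", "bob", "carol"],
    "crm": ["alice", "Bob"],                      # same person, different case
    "build-server": ["carol", "svc-backup", "bob"],
}


def find_orphaned_accounts(roster, systems, today):
    """Return (system, account, reason, days_since_departure) for every
    account that should not exist: the owner has left the company, or
    nobody in HR owns the account at all."""
    findings = []
    for system, accounts in sorted(systems.items()):
        for account in accounts:
            # Systems rarely agree on case or padding, so normalize first.
            user = account.strip().lower()
            record = roster.get(user)
            if record is None:
                findings.append((system, account, "no HR record", None))
            elif record["status"] != "active":
                days = (today - record["left"]).days
                findings.append((system, account, "terminated", days))
    return findings


def deprovision_plan(findings):
    """Group the terminated-user findings by person so one ticket covers
    every system that still holds an account for them."""
    plan = {}
    for system, account, reason, _days in findings:
        if reason == "terminated":
            plan.setdefault(account.strip().lower(), []).append(system)
    return plan


if __name__ == "__main__":
    results = find_orphaned_accounts(HR_ROSTER, SYSTEM_ACCOUNTS, date(2024, 3, 11))
    for row in results:
        print(row)
    print(deprovision_plan(results))
```

Accounts with no HR record, such as service accounts, are reported separately because they need an owner assigned rather than automatic removal.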
4 A’s of Cloud Identity
Authentication: The process of validating a user for on-site and
cloud-based solutions.
Authorization: The process of determining and specifying what
a user is allowed to do on each server.
Account management: The process of synchronizing user
accounts by provisioning and deprovisioning access.
Audit logging: The process of tracking which applications users
access and when.
Real World: Ping Identity IDaaS
Ping Identity provides cloud-based ID management software
that supports FIDM and user account provisioning.
Real World: PasswordBank IDaaS
PasswordBank provides an IDaaS solution that supports on-site
and cloud-based system access. Its FIDM service supports
enterprise-wide SSO (E-SSO) and SSO for web-based
applications (WebSSO).
The PasswordBank solutions perform the FIDM without the use
of SAML.
PasswordBank solutions support a myriad of devices, including
the iPhone.
OpenID
OpenID allows users to use an existing account to log in to
multiple websites. Today, more than 1 billion OpenID accounts
exist and are accepted by thousands of websites.
Companies that support OpenID include Google, Yahoo!, Flickr,
Myspace, WordPress.com, and more.
Advantages of Using OpenID
Increased site conversion rates (rates at which customers choose
to join websites) because users do not need to register
Access to greater user profile content
Fewer problems with lost passwords
Ease of content integration into social networking sites
Mobile ID Management
Threats to mobile devices include the following:
Identity theft if a device is lost or stolen
Eavesdropping on data communications
Surveillance of confidential screen content
Phishing of content from rogue sites
Man-in-the-middle attacks through intercepted signals
Inadequate device resources to provide a strong security
implementation
Social attacks on unaware users that yield identity information
Cloud Based Security Groups
Cloud resource segmentation is a process of creating separate
physical and virtual IT environments for different users and
groups to increase security.
(Erl, 2014)
Figure 10.11 - Cloud-Based Security Group A encompasses
Virtual Servers A and D and is assigned to Cloud Consumer A.
Cloud-Based Security Group B is comprised of Virtual Servers
B, C, and E and is assigned to Cloud Consumer B. If Cloud
Service Consumer A’s credentials are compromised, the attacker
would only be able to access and damage the virtual servers in
Cloud-Based Security Group A, thereby protecting Virtual
Servers B, C, and E.
Hardened Virtual Server Images
When creating a virtual server from a template, the hardening
process removes unnecessary software from the system to limit
vulnerabilities that could be exploited by hackers.
(Erl, 2014)
Figure 10.13 - A cloud provider applies its security policies to
harden its standard virtual server images.
References
Primary:
Jamsa, K. A. (2013). Cloud computing: SaaS, PaaS, IaaS,
virtualization, business models, mobile, security and more.
Burlington, MA: Jones & Bartlett Learning.
Secondary:
Erl, T., Mahmood, Z., & Puttini, R. (2014). Cloud computing:
concepts, technology, & architecture. Upper Saddle River, NJ:
Prentice Hall.
School of Computer & Information Sciences
ITS-532 Cloud Computing
Chapter 4 – Infrastructure as a Service (IaaS)
Learning Objectives
Define and describe IaaS and identify IaaS solution providers.
Define and describe colocation.
Define and describe system and storage redundancy.
Define and describe cloud-based network-attached storage
(NAS) devices and identify solution providers.
Define and describe load balancing and identify cloud-based
solution providers.
Describe the pros and cons of IaaS solutions.
IaaS Defined
An IaaS provider makes all of the computing hardware
resources available, and the customers, in turn, are responsible
for installing and managing the systems, which they can
normally do, for the most part, over the Internet.
What Data Centers Must Provide
Access to high-speed and redundant Internet service
Sufficient air conditioning to eliminate the heat generated by
servers and disk storage devices
Conditioned power with the potential for uninterrupted power
supply in the short term and long term through the use of on-
site diesel powered generators
Fire suppression systems
Administrative staffing to support hardware, networks, and
operating systems
Bottom Line: Data Centers are Expensive
Co-located Data Centers
To reduce the risk of a single point of failure, companies often
create a duplicate data center at a remote location.
Should one of the data centers fail, the other can immediately
take over operations.
Unfortunately, the second data center will increase the
company’s costs—essentially doubling them—because there are
duplicate servers, storage devices, network equipment, Internet
access, and staffing.
Co-located Data Center
What Co-located Systems Accomplish
Makes the company less susceptible to fire, acts of God, and
terrorism
Improves performance through a distributed workload
Makes the company less susceptible to downtime due to power
loss from a blackout or brownout
IaaS solutions allow smaller companies to eliminate the need
for their own on-site data center
IaaS Solutions May Support Many Different Companies
Load Balancing
Across the web, sites experience a wide range of network traffic
requirements.
Sites such as Google, Yahoo!, Amazon, and Microsoft
experience millions of user hits per day. To handle such web
requests, the sites use a technique known as load balancing, to
share the requests across multiple servers.
Load Balancing Continued
Load balancing uses a server to route traffic to multiple servers
which, in turn, share the workload.
Load Balancing and Replicated Databases
Load balanced systems, for data redundancy, often replicate
databases on multiple servers.
Each database, in turn, will send data updates to the other to
maintain data synchronization between the servers.
Cloud-Based Data Replication
Using cloud-based NAS devices and cloud-based databases,
companies can replicate key data within the cloud.
Real World: Rackspace IaaS
Rackspace has emerged as one of the largest players in the IaaS
market. Rackspace offers a set of solutions that include cloud
hosting, managed hosting (including 24/7 data-center like
management), and hybrid solutions that combine the cloud and
managed services.
Within minutes, from the Rackspace website an administrator
can select a solution that deploys from 1 to 50 servers. Larger
configurations are available.
Rackspace Continued
Today Rackspace offers cloud-based solutions to hundreds of
thousands of clients. Rackspace houses its data centers at very
large facilities located around the world.
With respect to the cloud, Rackspace offers pay as you go
scalability, with on-demand storage and load balancing. Beyond
cloud hosting, Rackspace provides solutions for cloud-based e-
mail, Exchange hosting, file sharing, backups, and
collaboration.
Network Attached Storage (NAS)
Cloud-based NAS devices present cloud-based storage as
mountable devices, which may be replicated in the cloud to
meet a company’s data redundancy needs.
Real World: Nirvanix IaaS
The Nirvanix IaaS provides cloud-based NAS, which is
accessible through the CloudNAS file system.
Advantages of IaaS
Elimination of an expensive and staff-intensive data center
Ease of hardware scalability
Reduced hardware cost
On-demand, pay as you go scalability
Reduction of IT staff
Suitability for ad hoc test environments
Allows complete system administration and management
IaaS Server Types
Physical server: Actual hardware is allocated for the customer’s
dedicated use.
Dedicated virtual server: The customer is allocated a virtual
server, which runs on a physical server that may or may not
have other virtual servers.
Shared virtual server: The customer can access a virtual server
on a device that may be shared with other customers.
IaaS Server Types Continued
Within an IaaS environment, customers can allocate various
server types.
Data Center Technology
Virtualization
Standardization and Modularity
Automation
Remote Operation and Management
High Availability
Security-Aware Design, Operation, and Management
Facilities
Computing Hardware
Storage Hardware
(Erl, 2014)
Storage Technologies
Hard Disk Arrays
I/O Caching
Hot-Swappable Hard Disks
Storage Virtualization
Fast Data Replication Mechanisms
Network Storage Devices
Storage Area Networks (SAN) – dedicated network
Network Attached Storage (NAS) – device connected to network
(Erl, 2014)
Network Hardware
Carrier and External Network Interconnection – LAN/WAN
Load Balancing and Acceleration
LAN Fabric – High performance and redundant connectivity
SAN Fabric – Used to connect servers to storage devices
NAS Gateways – connection points for NAS storage devices
(Erl, 2014)
School of Computer & Information Sciences
ITS-532 Cloud Computing
Chapter 3 – Platform as a Service (PaaS)
Learning Objectives
Define and describe the PaaS model.
Describe the advantages and disadvantages of PaaS solutions.
List and describe several real-world PaaS solutions.
List and describe cloud-based database solutions and describe
their advantages.
Discuss the development history that led to PaaS.
Platform as a Service (PaaS) Defined
Provide a collection of hardware and software resources that
developers can use to build and deploy applications within the
cloud.
Depending on their needs, developers may use a Windows-based
PaaS solution or a Linux-based PaaS.
PaaS Advantages
Developers eliminate the need to buy and maintain hardware,
and the need to install and manage operating system and
database software.
Because the computing resources no longer reside in the data
center, but rather in the cloud, the resources can scale on
demand and the company can pay for only resources it
consumes.
Further, because PaaS eliminates the developers’ need to worry
about servers, they can more quickly deploy their web-based
solutions.
PaaS Disadvantages
Some developers and administrators want finer control over the
underlying systems (versions, patch releases/applications, …)
Real World: Google App Engine
Google App Engine, sometimes called GAE, is a PaaS solution
that lets developers create and host web-based applications that
reside and run on services managed by Google.
Like many Google services and offerings, Google App Engine is
a free service.
Google App Engine provides platform support for a variety of
programming languages, the three most common of which are
Java, Python, and Go.
Google App Engine Continued
Google App Engine features include the following:
Support for dynamic web pages
Data storage and query support
Load balancing for application scalability
Application program interface (API) support for application-
based e-mail through Google services
A local development environment that simulates Google App
Engine on the developer’s computer
Support for event scheduling and triggering
An application sandbox that limits access to the underlying
operating system
An administrative console for managing applications
Real World: Taleo Human-Resources SaaS
To achieve wide-scale use, an SaaS solution must have large
market potential.
Every business must recruit, hire, train, and compensate
employees.
The Taleo cloud-based talent management system provides
applications and services to meet company human resources
demands.
Google App Engine
Evolution to the Cloud
Mainframe Computers
Personal Computers
Local-Area Networks
Internet Service Providers (ISPs)
PaaS
Mainframe Computing
Large capital investment for data-center-based computers
Large, expensive disk and tape storage systems that often
provided only limited storage capacity
User interface to the system provided through dumb terminals
Limited computer–network interconnectivity
System security maintained through physical security (few users
had direct access to the computer hardware)
Mainframe Computer
Tower-Based Servers
Large physical footprint
Considerable heat generation and power consumption
Internet Service Providers (ISPs)
ISP Advantages
Reduced cost: The ISP provided the high-speed, high-bandwidth
Internet connection, which it shared across several companies.
Less server administration: The ISP managed the servers to
which developers uploaded their solutions.
Less hardware to purchase and maintain: The ISP purchased and
managed the hardware and managed the infrastructure software,
such as the operating system.
ISP Advantages Continued
Greater system uptime: Through the use of redundant hardware
resources, the ISP provided high system uptime.
Potential scalability: The ISP had the ability to move a high-
demand application to a faster bandwidth connection.
Blade Computers
Reduced server footprint
Reduced power consumption and heat generation
Real World: Force.com PaaS
To extend its cloud capabilities to application developers,
Salesforce.com has released the Force.com PaaS.
Originally developed to provide a home for business
applications, Force.com now runs applications across most
sectors.
Benefits of PaaS
By shifting computing resources from an on-site data center to
the cloud, PaaS solutions offer:
Lower total cost of ownership: Companies no longer need to
purchase and maintain expensive hardware for servers, power,
and data storage.
Lower administration overhead: Companies shift the burden of
system software administration from in-house administration to
employees of the cloud provider.
Benefits of PaaS Continued
More current system software: The cloud administrator is
responsible for maintaining software versions and patch
installations.
Increased business and IT alignment: Company IT personnel can
focus on solutions as opposed to server-related issues.
Scalable solutions: Cloud-based solutions can scale up or down
automatically based on application resource demands.
Companies pay only for the resources they consume.
Disadvantages of PaaS
Potential disadvantages of PaaS solutions include:
Concerns about data security: Some companies are hesitant to
move their data storage off-site.
Challenges to integrating cloud solutions with legacy software:
A company may need to support on-site solutions as well as
cloud-based solutions. Communication between the two
application types may be difficult to impossible.
Risk of breach by the PaaS provider: If the company providing
the PaaS service fails to meet agreed-upon service levels,
performance, security, and availability may be at risk, and
moving the application may be difficult.
Real World: Windows Azure as a PaaS
Microsoft .NET has driven the development of many dynamic
web solutions and web services.
Windows Azure is a PaaS running within Microsoft data
centers.
Users pay only for the scalable processor resources that they
consume.
SQL Azure provides a cloud-based database solution for
applications running within Windows Azure.
Windows Azure Continued
Windows Azure goes beyond .NET and includes support for
Java, PHP, and Ruby. Developers can build and deploy their
solutions to Azure using an IDE such as Visual Studio or
Eclipse.
Developers can interface to SQL Azure using much of the same
code they would use to access a local database.
Windows Azure Continued
Directions Answer each question individual and respond with full .docx

More Related Content

DOCX
School of Computer & Information SciencesITS-532 Cloud C.docx
PDF
TOP SAILPOINT INTERVIEW QUESTION
PDF
IAM: Getting the basics right
PDF
original.pdf
PDF
MSFT Cloud Architecture Information Protection
PDF
Why IAM is the Need of the Hour
PPT
Up 2011-ken huang
School of Computer & Information SciencesITS-532 Cloud C.docx
TOP SAILPOINT INTERVIEW QUESTION
IAM: Getting the basics right
original.pdf
MSFT Cloud Architecture Information Protection
Why IAM is the Need of the Hour
Up 2011-ken huang

Similar to Directions Answer each question individual and respond with full .docx (20)

PDF
ANALYSIS ON IDENTITY MANAGEMENT SYSTEMS WITH EXTENDED STATE-OF-THE-ART IDM TA...
ODP
Shibboleth Guided Tour Webinar
PPTX
Navigating The Clouds With An Enterprise IT Strategy
PDF
Data Stream Controller for Enterprise Cloud Application
PPTX
Practical Security for the Cloud
DOC
Saipraveen_Cirrculum_Vitae
PDF
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
PDF
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
PDF
Information Technology Security Is Vital For The Success...
PDF
Cloud Security Challenges, Types, and Best Practises.pdf
PPTX
Zero Trust and Data Security
PDF
Presentasi PKL: MENGOPTIMALKAN TINGKAT KEAMANAN Website
PDF
Cloud Computing
PDF
The Federal Information Security Management Act
PDF
DISSERTATION ALGORITHM DEVELOPMENT TIPS FOR DEVELOPING SECURE AND FLEXIBLE MA...
PPT
InsiderAttack_p3.ppt
PPTX
Identity and Access Management Introduction
PPTX
100 % Result from High-Demand Computer Courses
PPTX
What is Microsoft Enterprise Mobility Suite and how to deploy it
PPTX
SC-900 Concepts of Security, Compliance, and Identity
ANALYSIS ON IDENTITY MANAGEMENT SYSTEMS WITH EXTENDED STATE-OF-THE-ART IDM TA...
Shibboleth Guided Tour Webinar
Navigating The Clouds With An Enterprise IT Strategy
Data Stream Controller for Enterprise Cloud Application
Practical Security for the Cloud
Saipraveen_Cirrculum_Vitae
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Successful Enterprise Single Sign-on: Addressing Deployment Challenges
Information Technology Security Is Vital For The Success...
Cloud Security Challenges, Types, and Best Practises.pdf
Zero Trust and Data Security
Presentasi PKL: MENGOPTIMALKAN TINGKAT KEAMANAN Website
Cloud Computing
The Federal Information Security Management Act
DISSERTATION ALGORITHM DEVELOPMENT TIPS FOR DEVELOPING SECURE AND FLEXIBLE MA...
InsiderAttack_p3.ppt
Identity and Access Management Introduction
100 % Result from High-Demand Computer Courses
What is Microsoft Enterprise Mobility Suite and how to deploy it
SC-900 Concepts of Security, Compliance, and Identity
Ad

More from mariona83 (20)

DOCX
Directions for using SJSU Library sourcesGo to library.sj.docx
DOCX
Directions One paragraph for each questions (5 sentences or more).docx
DOCX
Directions Fully answer both questions and cite all work1. Di.docx
DOCX
Directions Have you ever wondered what your motor development might.docx
DOCX
Directions for the post should include howwhy the candidates actio.docx
DOCX
Directions for the Ethnography of CommunicationThis paper is a .docx
DOCX
Directions for Reflection PaperObjectiveThis assignment .docx
DOCX
Directions for completing this assignmentRead the Case Scenario.docx
DOCX
Directions For each classmate post below reply with 200 words, de.docx
DOCX
Directions for 500Level Research Paper School of Securi.docx
DOCX
Directions Follow the directions in each Part below to complete the.docx
DOCX
Directions for a complete postWhat is your take-away fro.docx
DOCX
Directions Flexible Budget Performance Report Project  You a.docx
DOCX
Directions End of Life • An 80, year old woman was admitted.docx
DOCX
Directions Complete the three tasks associated with project c.docx
DOCX
Directions essay 3 Write a post-session summary based on the com.docx
DOCX
Directions End of Life• An 80, year old woman was admitted to t.docx
DOCX
Directions Click Discussion. Respond twice in the discussion form. .docx
DOCX
Directions Choose twenty (20) of the following questions and prov.docx
DOCX
Directions Choose one (1) prompt from each of the four (4) sect.docx
Directions for using SJSU Library sourcesGo to library.sj.docx
Directions One paragraph for each questions (5 sentences or more).docx
Directions Fully answer both questions and cite all work1. Di.docx
Directions Have you ever wondered what your motor development might.docx
Directions for the post should include howwhy the candidates actio.docx
Directions for the Ethnography of CommunicationThis paper is a .docx
Directions for Reflection PaperObjectiveThis assignment .docx
Directions for completing this assignmentRead the Case Scenario.docx
Directions For each classmate post below reply with 200 words, de.docx
Directions for 500Level Research Paper School of Securi.docx
Directions Follow the directions in each Part below to complete the.docx
Directions for a complete postWhat is your take-away fro.docx
Directions Flexible Budget Performance Report Project  You a.docx
Directions End of Life • An 80, year old woman was admitted.docx
Directions Complete the three tasks associated with project c.docx
Directions essay 3 Write a post-session summary based on the com.docx
Directions End of Life• An 80, year old woman was admitted to t.docx
Directions Click Discussion. Respond twice in the discussion form. .docx
Directions Choose twenty (20) of the following questions and prov.docx
Directions Choose one (1) prompt from each of the four (4) sect.docx
Ad

Recently uploaded (20)

PDF
Solved Past paper of Pediatric Health Nursing PHN BS Nursing 5th Semester
PDF
Journal of Dental Science - UDMY (2020).pdf
PDF
Skin Care and Cosmetic Ingredients Dictionary ( PDFDrive ).pdf
PPTX
Key-Features-of-the-SHS-Program-v4-Slides (3) PPT2.pptx
PPTX
4. Diagnosis and treatment planning in RPD.pptx
PDF
Chevening Scholarship Application and Interview Preparation Guide
PDF
Lecture on Viruses: Structure, Classification, Replication, Effects on Cells,...
PDF
Myanmar Dental Journal, The Journal of the Myanmar Dental Association (2015).pdf
PPTX
Macbeth play - analysis .pptx english lit
PDF
PUBH1000 - Module 6: Global Health Tute Slides
PDF
Physical education and sports and CWSN notes
PDF
Diabetes Mellitus , types , clinical picture, investigation and managment
PPTX
ACFE CERTIFICATION TRAINING ON LAW.pptx
PPTX
PLASMA AND ITS CONSTITUENTS 123.pptx
PDF
0520_Scheme_of_Work_(for_examination_from_2021).pdf
PDF
Compact First Student's Book Cambridge Official
PPTX
UNIT_2-__LIPIDS[1].pptx.................
PDF
anganwadi services for the b.sc nursing and GNM
PDF
African Communication Research: A review
PPTX
Diploma pharmaceutics notes..helps diploma students
Solved Past paper of Pediatric Health Nursing PHN BS Nursing 5th Semester
Journal of Dental Science - UDMY (2020).pdf
Skin Care and Cosmetic Ingredients Dictionary ( PDFDrive ).pdf
Key-Features-of-the-SHS-Program-v4-Slides (3) PPT2.pptx
4. Diagnosis and treatment planning in RPD.pptx
Chevening Scholarship Application and Interview Preparation Guide
Lecture on Viruses: Structure, Classification, Replication, Effects on Cells,...
Myanmar Dental Journal, The Journal of the Myanmar Dental Association (2015).pdf
Macbeth play - analysis .pptx english lit
PUBH1000 - Module 6: Global Health Tute Slides
Physical education and sports and CWSN notes
Diabetes Mellitus , types , clinical picture, investigation and managment
ACFE CERTIFICATION TRAINING ON LAW.pptx
PLASMA AND ITS CONSTITUENTS 123.pptx
0520_Scheme_of_Work_(for_examination_from_2021).pdf
Compact First Student's Book Cambridge Official
UNIT_2-__LIPIDS[1].pptx.................
anganwadi services for the b.sc nursing and GNM
African Communication Research: A review
Diploma pharmaceutics notes..helps diploma students

Directions Answer each question individual and respond with full .docx

  • 1. Directions: Answer each question individual and respond with full knowledge and understanding. Use 100% original work and turn in on before or date requested.. 1. How did you apply the knowledge, skills, and attitudes from previous courses to the application of your capstone project? What did you learn from those experiences that prepared you for the capstone? 2. After implementing your capstone, you will have an opportunity to conduct a post-assessment and evaluate the success of the project. Before getting the results, what do you expect to learn from the post-assessment? Do you feel your capstone project was successful? What could you have done differently or improved upon? 3. Now that you have finished your capstone project, reflect on its function, purpose, and success with your classmates. What do you wish you had known before starting? If you wanted to continue the project, what would be your next steps? 4. During this topic, you will compile a leadership portfolio that encapsulates key assignments that helped shape you as a leader. How will this portfolio reflect your vision as a leader? How does it demonstrate your growth throughout the program? School of Computer & Information Sciences ITS-532 Cloud Computing
  • 2. Chapter 5 – Identity as a Service (IDaaS) Content from: Primary Textbook: Jamsa, K. A. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile, security and more. Burlington, MA: Jones & Bartlett Learning. Secondary Textbook: Erl, T., Mahmood, Z., & Puttini, R. (2014). Cloud computing: concepts, technology, & architecture. Upper Saddle River, NJ: Prentice Hall. 1 Learning Objectives Describe challenges related to ID management. Describe and discuss single sign-on (SSO) capabilities. List the advantages of IDaaS solutions. Discuss IDaaS solutions offered by various companies. IDaaS Defined Identity (or identification) as a service (IDaaS)—Cloud-based approaches to managing user identities, including usernames, passwords, and access. Also sometimes referred to as “identity management as a service. Identity and Access Management (IAM) Identity and Access Management includes the components and policies necessary to control user identify and access privileges.
  • 3. Authentication Username/Password, digital signatures, digital certificates, biometrics Authorization Granular controls for mapping identities and rights User Management Creation and administration of new user identities, groups, passwords, and policies Credential Management Establishes identities and access control rules for user accounts 4 (Erl, 2014) Single Sign-On (SSO) Single sign-on (SSO)—PA process that allows a user to log into a central authority and then access other sites and services for which he or she has credentials. Advantages of SSO Fewer username and password combinations for users to remember and manage Less password fatigue caused by the stress of managing multiple passwords Less user time consumed by having to log in to individual systems Fewer calls to help desks for forgotten passwords A centralized location for IT staff to manage password
  • 4. compliance and reporting. Disadvantages of SSO: The primary disadvantage of SSO systems is the potential for a single source of failure. If the authentication server fails, users will not be able to log in to other servers. Thus, having a cloud-based authentication server with system redundancy reduces the risk of system unavailability. How Single Sign-On Works: The single sign-on mechanism enables one cloud service consumer to be authenticated by a security broker. Once established, the security context is persistent when the consumer accesses other cloud-based IT resources. (Erl, 2014) Figure 10.9 - A cloud consumer provides the security broker with login credentials (1). The security broker responds with an authentication token (message with small lock symbol) upon successful authentication, which contains cloud service consumer identity information (2) that is used to automatically authenticate the cloud service consumer across Cloud Services A, B, and C (3).
  • 5. Federated ID Management: FIDM describes the technologies and protocols that combine to enable a user to bring security credentials across different security domains (different servers running potentially different operating systems). Security Assertion Markup Language (SAML): Behind the scenes, many FIDM systems use the Security Assertion Markup Language (SAML) to package a user’s security credentials. Account Provisioning: The process of creating a user account on a system is called account provisioning. Because different employees may need different capabilities on each system, the provisioning process can be complex. When an employee leaves the company, a deprovisioning process must occur to remove the user’s accounts. Unfortunately, the IT staff is not always immediately informed that an employee no longer works for the company, or the IT staff misses a server account and the user may still have access to one or more systems. 4 A’s of Cloud Identity
  • 6. Authentication: The process of validating a user for on-site and cloud-based solutions. Authorization: The process of determining and specifying what a user is allowed to do on each server. Account management: The process of synchronizing user accounts by provisioning and deprovisioning access. Audit logging: The process of tracking which applications users access and when. Real World: Ping Identity IDaaS. Ping Identity provides cloud-based ID management software that supports FIDM and user account provisioning. Real World: PasswordBank IDaaS. PasswordBank provides an IDaaS solution that supports on-site and cloud-based system access. Its FIDM service supports enterprise-wide SSO (E-SSO) and SSO for web-based applications (WebSSO). The PasswordBank solutions perform the FIDM without the use of SAML. PasswordBank solutions support a myriad of devices, including the iPhone.
  • 7. OpenID: OpenID allows users to use an existing account to log in to multiple websites. Today, more than 1 billion OpenID accounts exist and are accepted by thousands of websites. Companies that support OpenID include Google, Yahoo!, Flickr, Myspace, WordPress.com, and more. Advantages of Using OpenID: Increased site conversion rates (rates at which customers choose to join websites) because users do not need to register; access to greater user profile content; fewer problems with lost passwords; ease of content integration into social networking sites. Mobile ID Management: Threats to mobile devices include the following: Identity theft if a device is lost or stolen; eavesdropping on data communications; surveillance of confidential screen content; phishing of content from rogue sites; man-in-the-middle attacks through intercepted signals; inadequate device resources to provide a strong security implementation; social attacks on unaware users that yield identity information.
  • 8. Cloud Based Security Groups: Cloud resource segmentation is a process of creating separate physical and virtual IT environments for different users and groups to increase security. (Erl, 2014) Figure 10.11 - Cloud-Based Security Group A encompasses Virtual Servers A and D and is assigned to Cloud Consumer A. Cloud-Based Security Group B is comprised of Virtual Servers B, C, and E and is assigned to Cloud Consumer B. If Cloud Service Consumer A’s credentials are compromised, the attacker would only be able to access and damage the virtual servers in Cloud-Based Security Group A, thereby protecting Virtual Servers B, C, and E. Hardened Virtual Server Images: When creating a virtual server from a template, the hardening process removes unnecessary software from the system to limit vulnerabilities that could be exploited by hackers. (Erl, 2014) Figure 10.13 - A cloud provider applies its security policies to harden its standard virtual server images. Key Terms
  • 9. References: Primary: Jamsa, K. A. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile, security and more. Burlington, MA: Jones & Bartlett Learning. Secondary: Erl, T., Mahmood, Z., & Puttini, R. (2014). Cloud computing: concepts, technology, & architecture. Upper Saddle River, NJ: Prentice Hall. School of Computer & Information Sciences ITS-532 Cloud Computing. Chapter 4 – Infrastructure as a Service (IaaS). Content from: Primary Textbook: Jamsa, K. A. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile,
  • 10. security and more. Burlington, MA: Jones & Bartlett Learning. Secondary Textbook: Erl, T., Mahmood, Z., & Puttini, R. (2014). Cloud computing: concepts, technology, & architecture. Upper Saddle River, NJ: Prentice Hall. Learning Objectives: Define and describe IaaS and identify IaaS solution providers. Define and describe colocation. Define and describe system and storage redundancy. Define and describe cloud-based network-attached storage (NAS) devices and identify solution providers. Define and describe load balancing and identify cloud-based solution providers. Describe the pros and cons of IaaS solutions. IaaS Defined: An IaaS provider makes all of the computing hardware resources available, and the customers, in turn, are responsible for installing and managing the systems, which they can normally do, for the most part, over the Internet. What Data Centers Must Provide: Access to high-speed and redundant Internet service; sufficient air conditioning to eliminate the heat generated by servers and disk storage devices; conditioned power with the potential for uninterrupted power
  • 11. supply in the short term and long term through the use of on-site diesel-powered generators; fire suppression systems; administrative staffing to support hardware, networks, and operating systems. Bottom Line: Data Centers are Expensive. Co-located Data Centers: To reduce the risk of a single point of failure, companies often create a duplicate data center at a remote location. Should one of the data centers fail, the other can immediately take over operations. Unfortunately, the second data center will increase the company’s costs—essentially doubling them—because there are duplicate servers, storage devices, network equipment, Internet access, and staffing. Co-located Data Center
  • 12. What Co-located Systems Accomplish: Makes the company less susceptible to fire, acts of God, and terrorism; improves performance through a distributed workload; makes the company less susceptible to downtime due to power loss from a blackout or brownout. IaaS solutions allow smaller companies to eliminate the need for their own on-site data center. IaaS Solutions May Support Many Different Companies. Load Balancing: Across the web, sites experience a wide range of network traffic requirements. Sites such as Google, Yahoo!, Amazon, and Microsoft experience millions of user hits per day. To handle such web requests, the sites use a technique known as load balancing, to
  • 13. share the requests across multiple servers. Load Balancing Continued: Load balancing uses a server to route traffic to multiple servers which, in turn, share the workload. Load Balancing and Replicated Databases: Load balanced systems, for data redundancy, often replicate databases on multiple servers. Each database, in turn, will send data updates to the other to maintain data synchronization between the servers.
  • 14. Cloud-Based Data Replication: Using cloud-based NAS devices and cloud-based databases, companies can replicate key data within the cloud. Real World: Rackspace IaaS. Rackspace has emerged as one of the largest players in the IaaS market. Rackspace offers a set of solutions that include cloud hosting, managed hosting (including 24/7 data-center-like management), and hybrid solutions that combine the cloud and managed services. Within minutes, from the Rackspace website an administrator can select a solution that deploys from 1 to 50 servers. Larger configurations are available. Rackspace Continued
  • 15. Today Rackspace offers cloud-based solutions to hundreds of thousands of clients. Rackspace houses its data centers at very large facilities located around the world. With respect to the cloud, Rackspace offers pay-as-you-go scalability, with on-demand storage and load balancing. Beyond cloud hosting, Rackspace provides solutions for cloud-based e-mail, Exchange hosting, file sharing, backups, and collaboration. Network Attached Storage (NAS): Cloud-based NAS devices present cloud-based storage as mountable devices, which may be replicated in the cloud to meet a company’s data redundancy needs. Real World: Nirvanix IaaS. The Nirvanix IaaS provides cloud-based NAS, which is
  • 16. accessible through the CloudNAS file system. Advantages of IaaS: Elimination of an expensive and staff-intensive data center; ease of hardware scalability; reduced hardware cost; on-demand, pay-as-you-go scalability; reduction of IT staff; suitability for ad hoc test environments; allows complete system administration and management. IaaS Server Types: Physical server: Actual hardware is allocated for the customer’s dedicated use. Dedicated virtual server: The customer is allocated a virtual server, which runs on a physical server that may or may not
  • 17. have other virtual servers. Shared virtual server: The customer can access a virtual server on a device that may be shared with other customers. IaaS Server Types Continued: Within an IaaS environment, customers can allocate various server types. Data Center Technology: Virtualization; Standardization and Modularity; Automation; Remote Operation and Management; High Availability; Security-Aware Design, Operation, and Management; Facilities;
  • 18. Computing Hardware; Storage Hardware. (Erl, 2014) Storage Technologies: Hard Disk Arrays; I/O Caching; Hot-Swappable Hard Disks; Storage Virtualization; Fast Data Replication Mechanisms. Network Storage Devices: Storage Area Networks (SAN) – dedicated network; Network Attached Storage (NAS) – device connected to network. (Erl, 2014) Network Hardware: Carrier and External Network Interconnection – LAN/WAN; Load Balancing and Acceleration;
  • 19. LAN Fabric – High performance and redundant connectivity; SAN Fabric – Used to connect servers to storage devices; NAS Gateways – connection points for NAS storage devices. (Erl, 2014) Key Terms. References: Primary: Jamsa, K. A. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile, security and more. Burlington, MA: Jones & Bartlett Learning. Secondary: Erl, T., Mahmood, Z., & Puttini, R. (2014). Cloud computing: concepts, technology, & architecture. Upper Saddle River, NJ: Prentice Hall.
  • 20. School of Computer & Information Sciences ITS-532 Cloud Computing. Chapter 3 – Platform as a Service (PaaS). Content from: Primary Textbook: Jamsa, K. A. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile, security and more. Burlington, MA: Jones & Bartlett Learning. Secondary Textbook: Erl, T., Mahmood, Z., & Puttini, R. (2014). Cloud computing: concepts, technology, & architecture.
  • 21. Upper Saddle River, NJ: Prentice Hall. Learning Objectives: Define and describe the PaaS model. Describe the advantages and disadvantages of PaaS solutions. List and describe several real-world PaaS solutions. List and describe cloud-based database solutions and describe their advantages. Discuss the development history that led to PaaS. Platform as a Service (PaaS) Defined: Provide a collection of hardware and software resources that developers can use to build and deploy applications within the cloud. Depending on their needs, developers may use a Windows-based PaaS solution or a Linux-based PaaS.
  • 22. PaaS Advantages: Developers eliminate the need to buy and maintain hardware, and the need to install and manage operating system and database software. Because the computing resources no longer reside in the data center, but rather in the cloud, the resources can scale on demand and the company can pay for only resources it consumes. Further, because PaaS eliminates the developers’ need to worry about servers, they can more quickly deploy their web-based solutions. PaaS Disadvantages: Some developers and administrators want finer control over the underlying systems (versions, patch releases/applications, …)
  • 23. Real World: Google App Engine. Google App Engine, sometimes called GAE, is a PaaS solution that lets developers create and host web-based applications that reside and run on services managed by Google. Like many Google services and offerings, Google App Engine is a free service. Google App Engine provides platform support for a variety of programming languages, the three most common of which are Java, Python, and Go. Google App Engine Continued: Google App Engine features include the following: Support for dynamic web pages; data storage and query support; load balancing for application scalability; application program interface (API) support for application-based e-mail through Google services; a local development environment that simulates Google App Engine on the developer’s computer;
  • 24. Support for event scheduling and triggering; an application sandbox that limits access to the underlying operating system; an administrative console for managing applications. Real World: Taleo Human-Resources SaaS. To achieve wide-scale use, an SaaS solution must have large market potential. Every business must recruit, hire, train, and compensate employees. The Taleo cloud-based talent management system provides applications and services to meet company human resources demands. Google App Engine
  • 25. Evolution to the Cloud: Mainframe Computers; Personal Computers; Local-Area Networks; Internet Service Providers (ISPs); PaaS. Mainframe Computing: Large capital investment for data-center-based computers; large, expensive disk and tape storage systems that often provided only limited storage capacity; user interface to the system provided through dumb terminals; limited computer–network interconnectivity; system security maintained through physical security (few users had direct access to the computer hardware)
  • 26. Mainframe Computer. Tower-Based Servers: Large physical footprint; considerable heat generation and power consumption. Internet Service Providers (ISPs)
  • 27. ISP Advantages: Reduced cost: The ISP provided the high-speed, high-bandwidth Internet connection, which it shared across several companies. Less server administration: The ISP managed the servers to which developers uploaded their solutions. Less hardware to purchase and maintain: The ISP purchased and managed the hardware and managed the infrastructure software, such as the operating system. ISP Advantages Continued: Greater system uptime: Through the use of redundant hardware resources, the ISP provided high system uptime. Potential scalability: The ISP had the ability to move a high-demand application to a faster bandwidth connection.
  • 28. Blade Computers: Reduced server footprint; reduced power consumption and heat generation. Real World: Force.com PaaS. To extend its cloud capabilities to application developers, Salesforce.com has released the Force.com PaaS. Originally developed to provide a home for business applications, Force.com now runs applications across most sectors.
  • 29. Benefits of PaaS: By shifting computing resources from an on-site data center to the cloud, PaaS solutions offer: Lower total cost of ownership: Companies no longer need to purchase and maintain expensive hardware for servers, power, and data storage. Lower administration overhead: Companies shift the burden of system software administration from in-house administration to employees of the cloud provider. Benefits of PaaS Continued: More current system software: The cloud administrator is responsible for maintaining software versions and patch installations. Increased business and IT alignment: Company IT personnel can focus on solutions as opposed to server-related issues. Scalable solutions: Cloud-based solutions can scale up or down automatically based on application resource demands. Companies pay only for the resources they consume.
  • 30. Disadvantages of PaaS: Potential disadvantages of PaaS solutions include: Concerns about data security: Some companies are hesitant to move their data storage off-site. Challenges to integrating cloud solutions with legacy software: A company may need to support on-site solutions as well as cloud-based solutions. Communication between the two application types may be difficult to impossible. Risk of breach by the PaaS provider: If the company providing the PaaS service fails to meet agreed-upon service levels, performance, security, and availability may be at risk, and moving the application may be difficult. Real World: Windows Azure as a PaaS. Microsoft .NET has driven the development of many dynamic web solutions and web services. Windows Azure is a PaaS running within Microsoft data
  • 31. centers. Users pay only for the scalable processor resources that they consume. SQL Azure provides a cloud-based database solution for applications running within Windows Azure. Windows Azure Continued: Windows Azure goes beyond .NET and includes support for Java, PHP, and Ruby. Developers can build and deploy their solutions to Azure using an IDE such as Visual Studio or Eclipse. Developers can interface to SQL Azure using much of the same code they would use to access a local database. Windows Azure Continued
  • 32. Key Terms. References: Jamsa, K. A. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile, security and more. Burlington, MA: Jones & Bartlett Learning.
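The Chapter 5 slide "How Single Sign On Works" (Figure 10.9) describes a security broker that checks credentials once and hands back a token the cloud services then trust. The sketch below is an added example, not code from the slides or the textbooks: it models that exchange with an HMAC-signed token, and the shared key, user, password and service names are constructed assumptions (federated deployments typically carry this in SAML assertions instead).

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo values: key, salt, user and service names are hypothetical.
BROKER_KEY = b"demo-key-shared-by-broker-and-services"
SALT = b"demo-salt"
USERS = {"alice": hashlib.pbkdf2_hmac("sha256", b"correct horse", SALT, 100_000)}


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()


def _sign(payload: bytes) -> bytes:
    return hmac.new(BROKER_KEY, payload, hashlib.sha256).digest()


def broker_login(user, password, audiences, now=None, ttl=300):
    """Steps 1-2 of the figure: verify credentials, return a signed token or None."""
    now = time.time() if now is None else now
    stored = USERS.get(user, b"\x00" * 32)  # dummy value keeps timing uniform
    supplied = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)
    if not hmac.compare_digest(stored, supplied):
        return None
    # The token carries identity information plus limits on where and how
    # long it is valid, so a leaked token is not a permanent master key.
    claims = {"sub": user, "aud": sorted(audiences), "exp": now + ttl}
    payload = json.dumps(claims, sort_keys=True).encode()
    return _b64(payload) + "." + _b64(_sign(payload))


def service_accepts(token, service, now=None):
    """Step 3: a cloud service validates the token; it never sees the password."""
    now = time.time() if now is None else now
    try:
        p64, s64 = token.split(".")
        payload = base64.urlsafe_b64decode(p64)
        sig = base64.urlsafe_b64decode(s64)
    except (ValueError, AttributeError):
        return None  # malformed token
    # Verify the signature before parsing or trusting any claim.
    if not hmac.compare_digest(sig, _sign(payload)):
        return None
    claims = json.loads(payload)
    if now >= claims["exp"] or service not in claims["aud"]:
        return None  # expired, or issued for other services
    return claims["sub"]
```

Because every service depends on the broker's key, the single source of failure the slides mention is also a single point of compromise, which is why the token is bound to named services and a short lifetime.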
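The Chapter 5 slides on account provisioning and the 4 A's note that a missed deprovisioning step can leave a former employee with working accounts, and that audit logging records who accessed what and when. The following added example (not from the slides or the textbooks) reconciles an HR roster against per-system account lists and an audit log; all names, systems and dates are constructed sample data.

```python
from datetime import date

# Constructed sample data (hypothetical users, systems and dates).
HR_ROSTER = {
    "alice": {"status": "active", "left": None},
    "bob": {"status": "terminated", "left": date(2024, 3, 1)},
    "carol": {"status": "terminated", "left": date(2024, 4, 15)},
}
SYSTEM_ACCOUNTS = {
    "mail": {"alice", "bob"},
    "crm": {"alice", "carol", "svc-backup"},
    "build-server": {"alice"},
}
AUDIT_LOG = [  # (user, system, date of access)
    ("bob", "mail", date(2024, 2, 27)),
    ("bob", "mail", date(2024, 3, 9)),
    ("carol", "crm", date(2024, 4, 10)),
    ("alice", "crm", date(2024, 4, 20)),
]


def find_stale_accounts(roster, systems):
    """Account management: list accounts that should no longer exist."""
    findings = []
    for system in sorted(systems):
        for account in sorted(systems[system]):
            record = roster.get(account)
            if record is None:
                # Nobody owns it on paper: review rather than auto-delete,
                # since it may be a service account.
                findings.append((system, account, "no HR record"))
            elif record["status"] != "active":
                findings.append((system, account, "terminated"))
    return findings


def access_after_departure(roster, audit_log):
    """Audit logging: accesses dated after the user's recorded leave date."""
    hits = []
    for user, system, when in audit_log:
        record = roster.get(user)
        if record and record["left"] and when > record["left"]:
            hits.append((user, system, when))
    return hits


def deprovision_plan(roster, systems):
    """Group the terminated-user findings per user for a removal ticket."""
    plan = {}
    for system, account, reason in find_stale_accounts(roster, systems):
        if reason == "terminated":
            plan.setdefault(account, []).append(system)
    return plan


if __name__ == "__main__":
    for finding in find_stale_accounts(HR_ROSTER, SYSTEM_ACCOUNTS):
        print("stale account:", finding)
    for hit in access_after_departure(HR_ROSTER, AUDIT_LOG):
        print("access after departure:", hit)
```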