Professional Documents
Culture Documents
LIST OF FIGURES..................................................................................................................3
A.
CLOUD COMPUTING............................................................................................................4
1.
EVOLUTION OF CLOUD.......................................................................................................4
Deployment Models......................................................................................................... 12
3.
4.
5.
1.
2.
SDLC Models..................................................................................................................... 22
LIST OF FIGURES
Figure 1 Evolution of cloud computing...........................................................................................
4
Figure 2 Application Service Provision...........................................................................................
5
Figure 3 Grid Computing..............................................................................................................
5
Figure 4 Cloud Computing Context.................................................................................................
6
Figure 5 Web Services Stack..........................................................................................................
7
Figure 6 Exposing the hardware and the OS as a Service....................................................................
8
Figure 7 Exposing the Runtime + SDK as a Service..........................................................................
8
Figure 8 Web App as a Service.......................................................................................................
9
Figure 9 Cloud computing delivery models......................................................................................
9
Figure 10 Delivery models chart.....................................................................................................
10
Figure 11 Cloud App = Software as a Service...................................................................................
10
Figure 12 PaaS is the focus area of developers and architects..............................................................
11
Figure 13 Cloud OS = Infrastructure as a Service..............................................................................
11
Figure 14 Cloud computing types...................................................................................................
12
Figure 15 Public Cloud..................................................................................................................
13
Figure 16 Hybrid Cloud.................................................................................................................
14
Figure 17 Private Cloud.................................................................................................................
14
Figure 18 Current Enterprise Cloud Services....................................................................................
17
Figure 19 SDLC Software Development Lifecycle.........................................................................
21
Figure 20 Waterfall Model - A........................................................................................................
24
Figure 21 Waterfall Model - B........................................................................................................
25
Figure 22 Agile Model...................................................................................................................
28
Figure 23 SCRUM Model..............................................................................................................
29
Figure 24 SCRUM Development Framework...................................................................................
29
A.
CLOUD COMPUTING
1. EVOLUTION OF CLOUD
1.1. Evolution of Cloud Computing
There are multiple factors that led to the evolution of Cloud Computing. One
of the key factors is the way Internet Service Providers (ISP) matured over a
period of time. From the initial days of ofering basic internet connectivity
to offering software as a service, the ISPs have come a long way. ISP 1.0
was all about providing internet access to their customers. ISP 2.0 was the
phase where ISPs ofered hosting capabilities. The next step was colocation, ISP 3.0, through which the ISPs started leasing out the rack space
and bandwidth. By this, companies could host their servers running custom,
Line of Business (LoB) applications that could be accessed over the web by its
employees, trading partners and customers.
Figure 3
Grid Computing
After grid computing a new concept called utility computing came into
existence. The principle of utility computing is very simple. One company
pays another company for computing services. The services might include
hardware rental, data storage space, use of specific computer applications
or access to computer processing power. It all depends on what the client
wants and what the utility computing company can ofer. SaaS was
followed after utility computing. The concept of it very similar to that in
cloud computing. Then finally evolved the concept of cloud computing which
is still being explored for its wider applications.
1.2.
1.3.
1.4.
Web Services
Web Services accept one or more input parameters and invoke processing
logic which will result in an output. Web Services are a part of web
applications that run on a typical stack that has hardware, a Server OS,
application development platform.
Cloud OS
Imagine h/w and the OS are exposed as a Web Service over the public internet.
Based on the principles of Web Services, we could send a request to this service
along with a few parameters. OS is expected to act as an interface to the CPU
and the devices; we can invoke a service that accepts a job that will be
processed by the OS and the underlying hardware. Technically, this Web Service
has just turned the OS + H/W combination into a Service. We can start
consuming this service by submitting CPU intensive tasks to this new breed of
Web Service.
Cloud Application
Today, most of the desktop applications like word processors and spreadsheet
packages are available over the web. These applications just need a browser
and ofer high fidelity with the desktop software. This fundamentally changes
the way software is deployed and licensed. We need not double click
setup.exe to install an Office suite on our desktop. Just subscribe to the
applications and the features that we need and only pay for what we use. This
is almost equivalent to exposing the application as a service. These
applications may be called as Cloud Applications.
1.5.
1.6.
1.7.
1.8.
2. Deployment Models
The NIST definition defines three deployment models:
b) Hybrid cloud
A hybrid cloud environment consisting of multiple internal and/or external
providers will be typical for most enterprises".
It is a combination of a public and private cloud that interoperates. It is a cloud
computing environment in which an organization provides and manages some
resources in-house and has others provided externally. For example, an
organization might use a public cloud service, such as Amazon's Elastic Compute
Cloud (EC2) for general computing but store customer data within its own data
center.
Although cloud computing is often said to be the future of the industry, the
hybrid model is more prevalent for a number of reasons. Large enterprises often
already have substantial investments in the infrastructure required to provide
resources in-house. Furthermore, many organizations would prefer to keep
sensitive data under their own control to ensure security.
c) Private cloud
Private cloud and internal cloud are neologisms that some vendors have recently
used to describe oferings that emulate cloud computing on private networks.
These (typically virtualisation automation) products claim to "deliver some
benefits of cloud computing without the pitfalls", capitalising on data security,
corporate governance, and reliability concerns. They have been criticized on the
basis that users "still have to buy, build, and manage them" and as such do not
benefit from lower up-front capital costs and less hands-on management,
essentially " the economic model that makes cloud computing such an intriguing
concept".
Because cloud computing does not allow users to physically possess the
storage of their data (the exception being the possibility that data can be
backed up to a user-owned storage device, such as a USB flash drive or hard
disk) it does leave responsibility of data storage and control in the hands of
the provider.
Cloud computing has been criticized for limiting the freedom of users and
making them dependent on the cloud computing provider, and some
critics have alleged that it is only possible to use applications or services
that the provider is willing to ofer. Thus, The London Times compares
cloud computing to centralized systems of the 1950s and 60s, by which
users connected through "dumb" terminals to mainframe computers.
Typically, users had no freedom to install new applications and needed
approval from administrators to achieve certain tasks. Overall, it limited
both freedom and creativity. The Times argues that cloud computing is a
regression to that time.
One of the important issues in cloud computing that needs to be
addressed is that once you upload your data to cloud computing service
provider, you lose control over your data and if computing service provider
is experiencing problems, you may not be able to access your data at all.
Also, in most of the cases, at least this is true for free services, there is no
one on the provider's side to assist you with a problem (if you are having
one).
Further to Stallman's observation, It would be a challenge for
hosting/deploying intranet and access restricted (for Govt., defense,
institutional, etc) sites and their maintenance. Commercial sites using
tools such as web analytics may not be able to capture right data for their
business planning etc.
Richard Stallman, founder of the Free Software Foundation, believes that
cloud computing endangers liberties because users sacrifice their privacy
and personal data to a third party. He stated that cloud computing is
"simply a trap aimed at forcing more people to buy into locked, proprietary
systems that would cost them more and more over time."
Following is a list of the major global telecom operators and their work in
cloud computing as per Forresters report.
application over the internet is always a security risk. This is the unique situation
of cloud computing. Implementation of cloud computing could require millions of
dollars in infrastructure and applications development but it still places itself at
risk for diferent types of attacks.
5.1.
Above everything else, cloud computing or any type of online application format
should consider protecting its users. Developers should make sure that data
related to the user should not be mishandled and could be extracted just by one.
There are two ways to ensure cloud computing security: restrictive user access
and certifications.
The challenge in restrictive user access is to limit the access privilege of the
user. Each user will have to be assigned manually with security clearance to
ensure limitation of access to diferent files.
Certifications are also important for user certification. Developers have to open
their application to security specialists or companies that provide certifications
for security. This is one way of assuring users that the application has been fully
tested against diferent types of attacks. This is often the dilemma for cloud
computing as external security checks might open the company secrets on cloud
computing. But this has to be sacrificed to ensure the security of their users.
5.2.
Data Security
Aside from user protection against diferent types of attacks, the data itself
should be protected. In this aspect, the hardware and software linked to cloud
computing should be scrutinized. Again, a certification is highly desired in this
part of cloud computing.
The hardware component for cloud computing on the other hand requires a
diferent type of security consideration. The location of data center should not
only be selected because of its proximity to controllers and intended users but
also on its security (and even secrecy) from external problems. The data center
should be protected against diferent types of weather conditions, fire and even
physical attacks that might destroy the center physically.
With regards to the hardware component in relation to the application, certain
manual components have to be available for increased security. Among them is
manual shutdown to prevent further access of the information. Although data
could be controlled with another application that data could be infiltrated unless
the application is shutdown immediately.
5.3.
Cloud computing security should not only focus itself on prevention. Ample
resources should also be focused on recovery if the unfortunate event really
strikes. Even before disaster happens, certain plans have to be in place to ensure
that everyone will be working in unison towards recovery. The plans do not have
to be focused on software attacks alone certain external disasters such as
weather conditions should have separate recovery plans.
When everything has been recovered, developers and the company handling the
application should have the means to investigate the cause of the problem.
Through investigation, certain conditions that lead to the event could be realized
and insecurities could be discovered. Even legal actions could be done if security
has been breached on purpose.
Cloud computing may be a relatively new concept for some businesses and
consumers. But even though some businesses are only starting to adopt and
realizing the advantages of cloud computing, industry giants are already looking
forward to the next big step of cloud computing.
For now, cloud computing could be easily identified with grid computing wherein
the cloud become the application for business purposes. Although grid
computing is more focused on the server capabilities of the application, their
similarities are based on the focus on providing online and on-time services to
the enterprise.
But cloud computing is so much more than simplified cloud processing. The
business aim of getting things done no matter where they are without the
necessary of a local or desktop software is realized. The ease of data processing
with real time interaction and company-wide availability of data in an instant
could be done through proper implementation of cloud computing. Best of all,
these processes are aimed to be available with very little to no downtime.
6.1.
Computing Industry
Competition is always good in any industry. Through competition, the best
services as well as the most competitive prices will come out. The cloud
computing industry is no exception to this rule. Companies such as Amazon,
Google, Sun Microsystems and SalesForce.com are only some of the highly
recognized companies in the cloud computing industry. These companies ofer
advantages that will fit the need of any businesses.
But the level of competition, as some industry experts predict, could soon be
gone. The previously mentioned companies are aggressively promoting their
services so that they could become the leader in the industry. These companies
are now spending millions of dollars in hardware upgrades, human resources and
even in advertising. Unfortunately, not every company will come out strong.
Some industry experts predict that one of the companies will come out of top
and might even become the synonym for cloud computing.
On the other hand, smaller companies who provide personalized services for
cloud computing are slowly coming out in the open. Their personalized services
would be limited to few clients which will give them the ability optimize the
services to their clients.
B.
product is released in the market, its maintenance is done for the existing
customer base.
2. SDLC Models
There are various software development life cycle models defined and
designed which are followed during software development process. These
models are also referred as "Software Development Process Models". Each
process model follows a Series of steps unique to its type, in order to
ensure success in process of software development. Following are the
most important and popular SDLC models followed in the industry:
Waterfall Model
Iterative Model
Spiral Model
V-Model
Big Bang Model
2.1.
Waterfall Model
Requirem
ent
Analysis
System
Design
Implemen
tation
Testing
Deployme
nt
Maintena
nce
Cons
No working software is produced
until late during the life cycle.
2.2.
Agile Model
Manager acts as the ultimate product owner and sprint enablers such as
priority requirement traceability matrix, sprint log and sprint master
emulate the role of a product backlog and sprint backlog respectively.
Additionally a Scrum Master is appointed to ensure that the scrum
framework is well understood and scrum activities and meetings are
adequately facilitated.
Agile Methodology
SCRUM Model
Testing & QA: applies to activities that ensure that the entire
system works as intended and complies with applicable regulations
and internal demands of the processes in scope.
Implementation: applies to installation and subsequent testing
activities to be performed, when delivering the completed system to
the customer.
Maintenance: applies to the ongoing support and change
management activities that the client provides to the customer after
the system has been successfully implemented.
Cons
Easy to manage
Gives flexibility to developers
Continual
Improvement
Risk
Customer Feedback
Scoping
Efort Estimation
Plan Review
Waterfall
Quality focus changes from
Analysis > Design> Code
> Test
Quality Control Detection &
fixing during system and
regression testing at the
last phase of project
Lessons learned from
previous release
implemented in next
release
No Risk Identification.
Firefighting during testing
phase
Customer Feedback at the
end of the project
Product owner decides
project scope
Project Manager provides
estimates and get approval
from Product Owner for
entire project
Team need to stick to base
lined project plan
Agile
Quality focus on all
aspects of SDLC at any
given time
Early detection & fixing
in each sprint followed
by stabilization
Lessons learned from
previous sprint
implemented in next
sprint
Early identification
&mitigation in every
sprint
At the end of every
sprint
Team decides the sprint
scope
Scrum Master facilitates
and Team does the
estimation. Story points
can be reviewed and
refined during sprint
planning meeting
Team can review during
mid-sprint planning
Goals
Completing the
feature/storyin all
aspects within a sprint.
Delivering the shippable
product
Phase
Analysis and design will be Team gets divided into
completed for all stories
mini teams and each
before proceeding to
team focus on story
coding and testing
completion in all aspects
Resource Utilization Role specific. Resources
Everybody is ready to
restricted to the tasks that work any task
suits/matches their role
(analysis/design/dev/
only
test) so as to complete
the story
Ownership
Ownership changes from
Entire team is
role to role by phase to
responsible for story
phase. Roles play key role. completion in all
PM responsible for overall
aspects analysis,
delivery
design, development,
testing and demo
Task Assignment
Project Manager do the
Team members are
feature/task assignment
empowered to own the
for entire project
feature/tasks for every
sprint.
Status Report
Status report in prescribed Update version one on
template. More focus on
daily basis reflecting
Percentage done.
actual hours.
Testing Resources
Only Testers will identify,
Anyone in the team
prepare, and execute Test
identify, prepare and
scripts
execute Test scripts
New Feature Testing Test script preparation and Test script preparation
execution starts after
and execution starts in
analysis, design and
parallel with analysis
development phase
and design tasks and
completes within same
sprint
Regression Testing
After the completion of first Full coverage within the
cycle system testing
sprint.
Stabilization Phase
NA
Starts after the
completion of
development sprints. No
feature development.