1 / 27

Understanding Services and Applications by Type

Understanding Services and Applications by Type. Types. Infrastructure as a Service (IaaS) Software as a Service (SaaS), Platform as a Service (PaaS). Infrastructure as a Service allows for the creation of virtual computing systems or networks.

shirleyf
Download Presentation

Understanding Services and Applications by Type

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Understanding Services and Applications by Type

  2. Types • Infrastructure as a Service (IaaS) • Software as a Service (SaaS), • Platform as a Service (PaaS)

  3. Infrastructure as a Service allows for the creation of virtual computing systems or networks. • Software as a Service represents a hosted application that is universally available over the Internet, usually through a browser. • Software as a Service, the user interacts directly with the hosted software. • SaaS may be seen to be an alternative model to that of shrink-wrapped software and may replace much of the boxed software that we buy today.

  4. Platform as a Service is a cloud computing infrastructure that creates a development environment upon which applications may be build. • PaaSprovides a model that can be used to create or augment complex applications such as Customer Relation Management (CRM) or Enterprise Resource Planning (ERP) systems. • PaaSoffers the benefits of cloud computing and is often componentized and based on a service-oriented architecture model.

  5. Identity as a Service (IDaaS) • Identity as a Service provides authentication and authorization services on distributed networks. • Infrastructure and supporting protocols for IDaaS. • Other service types such as Compliance as a Service (CaaS), provisioning, monitoring, communications.

  6. Infrastructure as a Service (IaaS) • Infrastructure as a Service (IaaS) is a cloud computing service model in which hardware is virtualized in the cloud. • In this particular model, the service vendor owns the equipment: servers, storage, network, infrastructure. • The developer creates virtual hardware on which to develop applications and services. • Essentially, an IaaS vendor has created a hardware utility service where the user provisions virtual resources as required.

  7. The fundamental unit of virtualized client in an IaaS deployment is called a workload. • A workload simulates the ability of a certain type of real or physical server to do an amount of work. • The work done can be measured by the number of Transactions Per Minute (TPM) or a similar metric against a certain type of system.

  8. Throughput • attributes such as • Disk I/Os measured in Input/Output Per Second IOPS • the amount of RAM consumed under load in MB • Network throughput and latency

  9. In cloud computing, a provisioned server called an instance is reserved by a customer, and the necessary amount of computing resources needed to achieve that type of physical server is allocated to the client's needs.

  10. Platform as a Service (PaaS) • Platform as a Service model describes a software environment in which a developer can create customized solutions within the context of the development tools that the platform provides. • Platforms can be based on specific types of development languages, application frameworks, or other constructs.

  11. PaaS offering provides the tools and development environment to deploy applications on another vendor's application. • Often a PaaS tool is a fully integrated development environment; that is, all the tools and services are part of the PaaS service. • In a PaaS model, customers may interact with the software to enter and retrieve data, perform actions, get results, and to the degree that the vendor allows it, customize the platform involved. • The customer takes no responsibility for maintaining the hardware, the software, or the development of the applications and is responsible only for his interaction with the platform. • The one example that is most quoted as a PaaS offering is Google's App Engine platform.

  12. Software as a Service (SaaS) • SaaS provides the complete infrastructure, software, and solution stack as the service offering. • A good way to think about SaaS is that it is the cloud-based equivalent of shrink-wrapped software.

  13. Software as a Service (SaaS) may be described as software that is deployed on a hosted service and can be accessed globally over the Internet, most often in a browser. • With the exception of the user interaction with the software, all other aspects of the service are abstracted away.

  14. SaaS software for end-users are Google Gmail and Calendar, QuickBooks online, Zoho Office Suite, and others that are equally well known. • SaaSapplications come in all shapes and sizes, and include custom software such as • billing and invoicing systems • Customer Relationship Management (CRM) applications • Help Desk applications • Human Resource (HR) solutions

  15. SaaS characteristics • The software is available over the Internet globally through a browser on demand. • The typical license is subscription-based or usage-based and is billed on a recurring basis. • The software and the service are monitored and maintained by the vendor, regardless of where all the different software components are running. • Reduced distribution and maintenance costs and minimal end-user system costs generally make SaaS applications cheaper to use than their shrink-wrapped versions. • Such applications feature automated upgrades, updates, and patch management and much faster rollout of changes. • SaaS applications often have a much lower barrier to entry than their locally installed competitors, a known recurring cost, and they scale on demand (a property of cloud computing in general). • All users have the same version of the software so each user's software is compatible with another's. • SaaS supports multiple users and provides a shared data model through a single-instance, multi-tenancy model.

  16. Identity as a Service (IDaaS) • An identity service is one that stores the information associated with a digital entity in a form that can be queried and managed for use in electronic transactions. • Identity services have as their core functions: a data store, a query engine, and a policy engine that maintains data integrity.

  17. What is an identity? • An identity is a set of characteristics or traits that make something recognizable or known. • In computer network systems, it is one's digital identity that most concerns us. • A digital identity is those attributes and metadata of an object along with a set of relationships with other objects that makes an object identifiable.

  18. An identity can belong to a person and may include the following: • Things you are: Biological characteristics such as age, gender, appearance, and so forth • Things you know: Biography, personal data such as social security numbers, PINs, where you went to school, and so on • Things you have: A pattern of blood vessels in your eye, your fingerprints, a bank account you can access, a security key you were given, objects and possessions, and more • Things you relate to: Your family and friends, a software license, beliefs and values, activities and endeavors, personal selections and choices, habits and practices, an iGoogle account, and more

  19. To establish identity on a network, you might be asked to provide a name and password. ( Something you know) This is single factor authentication method. • More secure is 2- factor authentication, not only name and password but also a transient token number provided by hardware key. (Something you have) • To get multi-factor authentication, you might have a system that examines a biometric factor such as fingerprint or retinal blood vessel pattern- both of which are essentially unique things you are.

  20. Identity system codes of conduct • User control for consent: Users control their identity and must consent to the use of their information. • Minimal Disclosure: The minimal amount of information should be disclosed for an intended use. • Justifiable access: Only parties who have a justified use of the information contained in a digital identity and have a trusted identity relationship with the owner of the information may be given access to that information. • Interoperability: A cloud computing ID system must interoperate with other identity services from other identity providers. • Unambiguous human identification: An IDaaS application must provide an unambiguous mechanism for allowing a human to interact with a system while protecting that user against an identity attack. • Consistency of Service: An IDaaS service must be simple to use, consistent across all its uses, and able to operate in different contexts using different technologies.

  21. Compliance as a Service (CaaS) • Cloud computing by its very nature spans different jurisdictions. • The laws of the country of a request's origin may not match the laws of the country where the request is processed, and it's possible that neither location's laws match the laws of the country where the service is provided.

  22. Compliance means conforming to a rule, such as a specification, policy, standard or law. • Regulatory compliance describes the goal that organisations aspire to achieve in their efforts to ensure that they are aware of and take steps to comply with relevant laws and regulations. • The services which are included in compliance management are called as compliance services. • These services include maintenance of these standards, communicating updates and changes in relevant laws, standards and regulation, updating of internal policies and communicating this internally.

  23. A Compliance as a Service application would need to serve as a trusted third party, because this is a man-in-the-middle type of service. • A CaaSwould need to be able to manage cloud relationships, understand security policies and procedures, know how to handle information and administer privacy, be aware of geography, provide an incidence response, archive, and allow for the system to be queried, all to a level that can be captured in a Service Level Agreement.

  24. An example of proactive compliance services includes policy and procedure software like that offered by ConvergePoint . The software provides workflows for the creation and renewal, distribution and acknowledgment phases of the policies and procedures life-cycle. This ensures that policies are written correctly and renewed on-time, and received and understood by those who need to view them, while the entire process is documented to ensure that everyone is in compliance (acting accordingly) with required policies.

  25. Compliance is really about demonstrating a company follows regulations and best practice according to various standards.  Doing so ensures that any risk is minimalised - giving buyers (and any other company that works with them) confidence.  if I were  to set up a new social networking website/service that became a roaring success overnight.  Perhaps I would like to invite Google, Facebook or Microsoft and others to either buy a part of my business, or to invest in our technologies infrastructure to help support the servers and increase our rate of growth and expansion.The investing company will need to carry out 'due diligence' which is basically a short-hand for 'investigating the risk associated with doing business with that company'.  People will often use this word in the context of finance, but it also applies in terms of other risks such as information security.  

  26. One of the biggest concerns  a 'buyer' (or investor) might have in this example is around the security and protection of users information we store.  They want to know that user data is protected and safe.Compliance services are designed to help companies ensure they are compliant to various frameworks within this context.  There are lots of great software security tools out there, in this example you might use (for instance): MetaCompliance's policy management software  which is a type of compliance service.

More Related