1644 assignment 2 (pass)
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (1.79 MB, 43 trang )
ASSIGNMENT 2 BRIEF
Qualification
BTEC Level 5 HND Diploma in Computing
Unit number
Unit 9: Cloud Computing
Assignment title
Cloud’s implementation and security threats
Academic Year
2021 – 2022
Unit Tutor
Ho Hai Van
Issue date
Submission date
19/10/2022
IV name and date
Submission Format:
Format:
A presentation in Power Point format(about 25 pages)
A security manual(in PDF format)
You must use font Calibri size 12, set number of the pages and use multiple line spacing at
1.3. Margins must be: left: 1.25 cm; right: 1 cm; top: 1 cm and bottom: 1 cm. The reference
follows Harvard referencing system.
Submission Students are compulsory to submit the assignment in due date and in a way requested by
the Tutors. The form of submission will be a soft copy posted on
/>Note:
The Assignment must be your own work, and not copied by or from another student or from
books etc. If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you
must reference your sources, using the Harvard style. Make sure that you know how to reference properly,
and that understand the guidelines on plagiarism. If you do not, you definitely get failed
Unit Learning Outcomes:
LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source tools.
LO4 Analyse the technical challenges for cloud applications and assess their risks
Assignment Brief and Guidance:
Task 1
Base on the scenario and architecture design in the first assignment provide the implementation. Because
of the time constraint of the assignment, the implementation just provides some demo functions of the
scenario. The implementation includes two parts:
•
A presentation (about 25 pages) o which shows which functions are
implemented
o How to config, deploy and test the services (Web application, Database Server, Source
code management, server logs..) using service provider’s frameworks and open source
tools.
o Images for the built functions
•
The source code for the built application
Task 2
The table of contents in your security manual (which should be 500–700 words) should be as follows:
1.
2.
3.
4.
5.
Analysis of the most common problems of a cloud computing platform.
Possible solutions to these problems.
Analysis of the most common security issues in the cloud environment.
Discussion on how to overcome these issues.
Summary.
Learning Outcomes and Assessment Criteria
Pass
Merit
Distinction
LO3 Develop Cloud Computing solutions using service provider’s
frameworks and open source tools
D2 Critically discuss how one can
P5 Configure a Cloud Computing
platform with a cloud service
provider’s framework.
overcome these issues and
constraints.
M3 Discuss the issues and constraints
one can face during the development
process.
P6 Implement a cloud platform
using open source tools.
LO4 Analyse the technical challenges for cloud applications and assess
their risks
P7 Analyse the most common
problems which arise in a Cloud
Computing platform and discuss
appropriate solutions to these
problems.
P8 Assess the most common
security issues in cloud
environments.
M4 Discuss how to overcome these
security issues when building a
secure cloud platform.
D3 Critically discuss how an
organisation should protect their
data when they migrate to a cloud
solution.
❒ Summative Feedback:
Grade:
Signature & Date:
❒ Resubmission Feedback:
Assessor Signature:
Date:
Table of Contents
LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source tools ...................................................................... 7
P5 Configure a Cloud Computing platform with a cloud service provider’s framework. & P6 Implement a cloud platform using open source tools 7
P7 Analyse the most common problems which arise in a Cloud Computing platform and discuss appropriate solutions to these problems ......... 22
Problems with CSP (cloud service provider) ................................................................................................................................................................ 22
The lack of experience, distrust of transition and abilities Shortfall ........................................................................................................................... 22
In cloud billing, the lack of automation ....................................................................................................................................................................... 23
Inability to comply with legal obligations .................................................................................................................................................................... 24
Inability to deliver and maintain a cloud solution under one umbrella with various brands ..................................................................................... 25
Inability to stand out from the rivalry ......................................................................................................................................................................... 26
Problems with CSC (cloud service consumer) ............................................................................................................................................................. 26
Downtime .................................................................................................................................................................................................................... 26
Security and privacy..................................................................................................................................................................................................... 27
Attack threat ................................................................................................................................................................................................................ 28
Broad oversight and versatility .................................................................................................................................................................................... 28
Lock-in Vendor ............................................................................................................................................................................................................. 28
Concerns on expense ................................................................................................................................................................................................... 29
The lack of experience, distrust of transition and abilities Shortfall ........................................................................................................................... 29
The lack of cloud billing automation ........................................................................................................................................................................... 30
Power to comply with regulatory enforcement .......................................................................................................................................................... 31
Inability to deliver and maintain a cloud solution under one umbrella with various brands ..................................................................................... 31
Inability to stand out from the rivalry ......................................................................................................................................................................... 31
Problems with CSC (cloud service consumer) ............................................................................................................................................................. 32
Best practices for minimizing planned downtime in a cloud environment................................................................................................................. 32
Good practices for reducing risks to protection and privacy ...................................................................................................................................... 33
Best practices to reduce cloud attacks to benefit you ................................................................................................................................................ 33
P8 Assess the most common security issues in cloud environments.......................................................................................................................... 35
Multiple cloud computing service models .................................................................................................................................................................. 35
Some opportunities and hurdles when implementing cloud services ........................................................................................................................ 36
Advantages: ................................................................................................................................................................................................................. 36
Obstacles: ................................................................................................................................................................................................................... 37
Classification in cloud computing: ............................................................................................................................................................................... 37
Safety, Cloud Storage Data Safety: .............................................................................................................................................................................. 38
Development trend of cloud computing: .................................................................................................................................................................... 40
Completion .................................................................................................................................................................................................................. 41
References ................................................................................................................................................................................................................... 42
LO3 Develop Cloud Computing solutions using service provider’s
frameworks and open source tools
P5 Configure a Cloud Computing platform with a cloud service provider’s framework.
& P6 Implement a cloud platform using open source tools.
- First I’m create a folder to contain my project.
I’m using git to get my code that I was post on github.
After downloaded, all files are ready to go.
- I was downloaded composer code for the project It will helping me to control my code.
Copy .env.example to a new .env file that I will configuring env file to connect Heroku Cloud Services.
Create a key for my database. That key is require for configuring on Heroku.
I created an app on heroku.
Create Heroku database, define that postgres is database add-on for my application.
Configure .env file, using information form Heroku database.
Add Variables for Configuration Database.
Create database.
Define that code is merged.
I was commit it so nothing happened.
I push code to Heroku services.
I used command “open heroku” to open my project on heroku, you can see that my app crashed because Database is not configure
yet.
The last variable is “DB_CONNECTION” “pgsql” helping Heroku know that my app run on postgresql database.
I reset it and now it runing.
My app available in: />
P7 Analyse the most common problems which arise in a Cloud
Computing platform and discuss appropriate solutions to these
problems.
Problems with CSP (cloud service provider)
The lack of experience, distrust of transition and abilities Shortfall
There are also internal processes and workflows involved with a cloud sector.
Everything so many suppliers of services get their minds around. They have
They know that they have immense infrastructure at their hands in the cloud, but not everyone knows what to sell or how to
advertise and sell a cloud service. Because of this, they are grappling with problems such as is there any automated cloud-based
technology available that lets organizations simplify their distribution processes or what is the best marketing automation platform
for small and medium-sized companies?
In other examples, they do not have the requisite workforce skills or the staff are unable to adjust to the techno-commercial
mentality that any cloud organization requires. Some still struggle with automation. They don't understand how their overheads are
raised by manual operations.
In cloud billing, the lack of automation
Cloud infrastructure is a subscription model, allowing its consumers the option to scale services up or down, ensuring that CSPs need
to charge their end consumers on a pay-per-use basis. There are also different ways to purchase on-demand, prepaid, dedicated
space, and corporate arrangements for cloud services every month, and this trend is apparently going to intensify over time.
The price of the cloud is very complicated, because unlike the billing process used in the conventional buy-sell model, it's billing.
Often, pricing models for SaaS, IaaS or PaaS differ greatly. The need for an integrated invoicing tool for CSPs has spawned this
uncertainty. There are, however, many third-party tools currently on the market to support service providers, but finding the best
one can be challenging.
Inability to comply with legal obligations
The Cloud is a thriving business, no wonder. Cloud applications are now in demand with benefits such as scalability, accessibility, and
convenience, and demand will certainly spiral in the future. This has and would contribute to accelerated migration of and analysis
of more sensitive data. It is also the sole duty of the CSP to safeguard consumer records.
Security is also regarded as the shared responsibility of both the cloud for several occasions
The provider and the consumer. The management of servers, infrastructure and networking is definitely the responsibility of the
cloud service, but security is our responsibility.
The user is definitely responsible for software , operating systems, identity and access control, and network traffic security. So,
cloud service, providers need to focus as feverishly on their security requirements as they are working to improve their technical
capabilities.
The blurred lines find it difficult to solve security concerns and issues in cloud computing, but identifying role-based user control and
granting permissions at the ground level will definitely benefit both sides.
Inability to deliver and maintain a cloud solution under one umbrella with various brands
This is one of the greatest problems of cloud computing. The client now is an a deal in the driver's seat. They are seeking to step
away from yesterday's architecture to move to quickly configurable structures that are the solution to the problems they face in
industry. Customers are still searching for such CSPs who will provide them with a completely application-aware 'business-ready' IT
service management cloud network and help them clear a stable road to sustained innovation. Ironically, while an advantage, it is
another obstacle for CSPs to develop the ability to construct and deliver the sort of multi-cloud services that their clients want.
Today, CSPs still fall short of effectively combining multiple cloud technologies from different vendors and offering bundled solutions
according to the needs of customers.
