Cloud Computing: Concepts, Technology, Security, and Architecture(The Pearson Digital Enterprise Series from Thomas Erl)

Cloud Computing: Concepts, Technology, Security & Architecture Cloud computing has become an integral and foundational part of information technology. The majority of digital business activity and technology innovation occurs with the involvement of contemporary cloud environments that provide highly sophisticated automated technology infrastructure and a vast range of technology resources. To successfully build upon, interact with, or create a cloud environment requires an understanding of its common inner mechanics, architectural layers, models, and security controls. It also requires an understanding of the business and economic factors that justify the adoption and real-world use of clouds and cloud-based products and services. In Cloud Computing: Concepts, Technology, Security & Architecture, Thomas Erl, one of the world's top-selling IT authors, teams up with cloud computing expert Eric Barceló Monroy and researchers to break down proven and mature cloud computing technologies and practices into a series of well-defined concepts, technology mechanisms, and technology architectures. Comprehensive coverage of containerization and cybersecurity topics is also included. All chapters are carefully authored from an industry-centric and vendor-neutral point of view. In doing so, the book establishes concrete, academic coverage with a focus on structure, clarity, and well-defined building blocks for mainstream cloud computing and containerization platforms and solutions. With nearly 370 figures, 40 architectural models, and 50 mechanisms, this indispensable guide provides a comprehensive education of contemporary cloud computing, containerization, and cybersecurity that will never leave your side.

Table of Contents:
Foreword About the Authors Acknowledgments Chapter 1: Introduction 1.1 Objectives of This Book 1.2 What This Book Does Not Cover 1.3 Who This Book Is For 1.4 How This Book Is Organized     Part I: Fundamental Cloud Computing         Chapter 3: Understanding Cloud Computing         Chapter 4: Fundamental Concepts and Models         Chapter 5: Cloud-Enabling Technology         Chapter 6: Understanding Containerization         Chapter 7: Understanding Cloud Security and Cybersecurity     Part II: Cloud Computing Mechanisms         Chapter 8: Cloud Infrastructure Mechanisms         Chapter 9: Specialized Cloud Mechanisms         Chapter 10: Cloud Security and Cybersecurity Access-Oriented Mechanisms         Chapter 11: Cloud Security and Cybersecurity Data-Oriented Mechanisms         Chapter 12: Cloud Management Mechanisms     Part III: Cloud Computing Architecture         Chapter 13: Fundamental Cloud Architectures         Chapter 14: Advanced Cloud Architectures         Chapter 15: Specialized Cloud Architectures     Part IV: Working with Clouds         Chapter 16: Cloud Delivery Model Considerations         Chapter 17: Cost Metrics and Pricing Models         Chapter 18: Service Quality Metrics and SLAs     Part V: Appendices         Appendix A: Case Study Conclusions         Appendix B: Common Containerization Technologies 1.5 Resources     Pearson Digital Enterprise Book Series     Thomas Erl on YouTube         The Digital Enterprise Newsletter on LinkedIn     Cloud Certified Professional (CCP) Program Chapter 2: Case Study Background 2.1 Case Study #1: ATN     Technical Infrastructure and Environment     Business Goals and New Strategy     Roadmap and Implementation Strategy 2.2 Case Study #2: DTGOV     Technical Infrastructure and Environment     Business Goals and New Strategy     Roadmap and Implementation Strategy 2.3 Case Study #3: Innovartus Technologies Inc.     Technical Infrastructure and Environment     Business Goals and Strategy     Roadmap and Implementation Strategy PART I: FUNDAMENTAL CLOUD COMPUTING Chapter 3: Understanding Cloud Computing 3.1 Origins and Influences     A Brief History     Definitions     Business Drivers         Cost Reduction         Business Agility     Technology Innovations         Clustering         Grid Computing         Capacity Planning         Virtualization         Containerization         Serverless Environments 3.2 Basic Concepts and Terminology     Cloud     Container     IT Resource     On Premises     Cloud Consumers and Cloud Providers     Scaling         Horizontal Scaling         Vertical Scaling     Cloud Service     Cloud Service Consumer 3.3 Goals and Benefits     Increased Responsiveness     Reduced Investments and Proportional Costs     Increased Scalability     Increased Availability and Reliability 3.4 Risks and Challenges     Increased Vulnerability Due to Overlapping Trust Boundaries     Increased Vulnerability Due to Shared Security Responsibility     Increased Exposure to Cyber Threats     Reduced Operational Governance Control     Limited Portability Between Cloud Providers     Multiregional Compliance and Legal Issues     Cost Overruns Chapter 4: Fundamental Concepts and Models 4.1 Roles and Boundaries     Cloud Provider     Cloud Consumer     Cloud Broker     Cloud Service Owner     Cloud Resource Administrator     Additional Roles     Organizational Boundary     Trust Boundary 4.2 Cloud Characteristics     On-Demand Usage     Ubiquitous Access     Multitenancy (and Resource Pooling)     Elasticity     Measured Usage     Resiliency 4.3 Cloud Delivery Models     Infrastructure as a Service (IaaS)     Platform as a Service (PaaS)     Software as a Service (SaaS)     Comparing Cloud Delivery Models     Combining Cloud Delivery Models         IaaS + PaaS         IaaS + PaaS + SaaS     Cloud Delivery Submodels 4.4 Cloud Deployment Models     Public Clouds     Private Clouds     Multiclouds     Hybrid Clouds Chapter 5: Cloud-Enabling Technology 5.1 Networks and Internet Architecture     Internet Service Providers (ISPs)     Connectionless Packet Switching (Datagram Networks)     Router-Based Interconnectivity         Physical Network         Transport Layer Protocol         Application Layer Protocol     Technical and Business Considerations         Connectivity Issues         Network Bandwidth and Latency Issues         Wireless and Cellular         Cloud Carrier and Cloud Provider Selection 5.2 Cloud Data Center Technology     Virtualization     Standardization and Modularity     Autonomic Computing     Remote Operation and Management     High Availability     Security-Aware Design, Operation, and Management     Facilities     Computing Hardware     Storage Hardware     Network Hardware         Carrier and External Networks Interconnection         Web-Tier Load Balancing and Acceleration         LAN Fabric         SAN Fabric         NAS Gateways     Serverless Environments     NoSQL Clustering     Other Considerations 5.3 Modern Virtualization     Hardware Independence     Server Consolidation     Resource Replication     Operating System–Based Virtualization     Hardware-Based Virtualization     Containers and Application-Based Virtualization     Virtualization Management     Other Considerations 5.4 Multitenant Technology 5.5 Service Technology and Service APIs     REST Services     Web Services     Service Agents     Service Middleware     Web-Based RPC 5.6 Case Study Example Chapter 6: Understanding Containerization 6.1 Origins and Influences     A Brief History     Containerization and Cloud Computing 6.2 Fundamental Virtualization and Containerization     Operating System Basics     Virtualization Basics         Physical Servers         Virtual Servers         Hypervisors         Virtualization Types     Containerization Basics         Containers         Container Images         Container Engines         Pods         Hosts         Host Clusters         Host Networks and Overlay Networks     Virtualization and Containerization         Containerization on Physical Servers         Containerization on Virtual Servers         Containerization Benefits         Containerization Risks and Challenges 6.3 Understanding Containers     Container Hosting     Containers and Pods     Container Instances and Clusters     Container Package Management     Container Orchestration     Container Package Manager vs. Container Orchestrator     Container Networks         Container Network Scope         Container Network Addresses     Rich Containers     Other Common Container Characteristics 6.4 Understanding Container Images     Container Image Types and Roles     Container Image Immutability     Container Image Abstraction         Operating System Kernel Abstraction         Operating System Abstraction Beyond the Kernel     Container Build Files         Container Image Layers     How Customized Container Images Are Created 6.5 Multi-Container Types     Sidecar Container     Adapter Container     Ambassador Container     Using Multi-Containers Together 6.6 Case Study Example Chapter 7: Understanding Cloud Security and Cybersecurity 7.1 Basic Security Terminology     Confidentiality     Integrity     Availability     Authenticity     Security Controls     Security Mechanisms     Security Policies 7.2 Basic Threat Terminology     Risk     Vulnerability     Exploit     Zero-Day Vulnerability     Security Breach     Data Breach     Data Leak     Threat (or Cyber Threat)     Attack (or Cyber Attack)     Attacker and Intruder     Attack Vector and Surface 7.3 Threat Agents     Anonymous Attacker     Malicious Service Agent     Trusted Attacker     Malicious Insider 7.4 Common Threats     Traffic Eavesdropping     Malicious Intermediary     Denial of Service     Insufficient Authorization     Virtualization Attack     Overlapping Trust Boundaries     Containerization Attack     Malware     Insider Threat     Social Engineering and Phishing     Botnet     Privilege Escalation     Brute Force     Remote Code Execution     SQL Injection     Tunneling     Advanced Persistent Threat (APT) 7.5 Case Study Example 7.6 Additional Considerations     Flawed Implementations     Security Policy Disparity     Contracts     Risk Management 7.7 Case Study Example PART II: CLOUD COMPUTING MECHANISMS Chapter 8: Cloud Infrastructure Mechanisms 8.1 Logical Network Perimeter     Case Study Example 8.2 Virtual Server     Case Study Example 8.3 Hypervisor     Case Study Example 8.4 Cloud Storage Device     Cloud Storage Levels     Network Storage Interfaces     Object Storage Interfaces     Database Storage Interfaces         Relational Data Storage         Non-Relational Data Storage     Case Study Example 8.5 Cloud Usage Monitor     Monitoring Agent     Resource Agent     Polling Agent     Case Study Example 8.6 Resource Replication     Case Study Example 8.7 Ready-Made Environment     Case Study Example 8.8 Container Chapter 9: Specialized Cloud Mechanisms 9.1 Automated Scaling Listener     Case Study Example 9.2 Load Balancer     Case Study Example 9.3 SLA Monitor     Case Study Example         SLA Monitor Polling Agent         SLA Monitoring Agent 9.4 Pay-Per-Use Monitor     Case Study Example 9.5 Audit Monitor     Case Study Example 9.6 Failover System     Active–Active     Active–Passive     Case Study Example 9.7 Resource Cluster     Case Study Example 9.8 Multi-Device Broker     Case Study Example 9.9 State Management Database     Case Study Example Chapter 10: Cloud Security and Cybersecurity Access-Oriented Mechanisms 10.1 Encryption     Symmetric Encryption     Asymmetric Encryption     Case Study Example 10.2 Hashing     Case Study Example 10.3 Digital Signature     Case Study Example 10.4 Cloud-Based Security Groups     Case Study Example 10.5 Public Key Infrastructure (PKI) System     Case Study Example 10.6 Single Sign-On (SSO) System     Case Study Example 10.7 Hardened Virtual Server Image     Case Study Example 10.8 Firewall     Case Study Example 10.9 Virtual Private Network (VPN)     Case Study Example 10.10 Biometric Scanner     Case Study Example 10.11 Multi-Factor Authentication (MFA) System     Case Study Example 10.12 Identity and Access Management (IAM) System     Case Study Example 10.13 Intrusion Detection System (IDS)     Case Study Example 10.14 Penetration Testing Tool     Case Study Example 10.15 User Behavior Analytics (UBA) System     Case Study Example 10.16 Third-Party Software Update Utility     Case Study Example 10.17 Network Intrusion Monitor     Case Study Example 10.18 Authentication Log Monitor     Case Study Example 10.19 VPN Monitor     Case Study Example 10.20 Additional Cloud Security Access-Oriented Practices and Technologies Chapter 11: Cloud Security and Cybersecurity Data-Oriented Mechanisms 11.1 Digital Virus Scanning and Decryption System     Generic Decryption     Digital Immune System     Case Study Example 11.2 Malicious Code Analysis System     Case Study Example 11.3 Data Loss Prevention (DLP) System     Case Study Example 11.4 Trusted Platform Module (TPM)     Case Study Example 11.5 Data Backup and Recovery System     Case Study Example 11.6 Activity Log Monitor     Case Study Example 11.7 Traffic Monitor     Case Study Example 11.8 Data Loss Protection Monitor     Case Study Example Chapter 12: Cloud Management Mechanisms 12.1 Remote Administration System     Case Study Example 12.2 Resource Management System     Case Study Example 12.3 SLA Management System     Case Study Example 12.4 Billing Management System     Case Study Example PART III: CLOUD COMPUTING ARCHITECTURE Chapter 13: Fundamental Cloud Architectures 13.1 Workload Distribution Architecture 13.2 Resource Pooling Architecture 13.3 Dynamic Scalability Architecture 13.4 Elastic Resource Capacity Architecture 13.5 Service Load Balancing Architecture 13.6 Cloud Bursting Architecture 13.7 Elastic Disk Provisioning Architecture 13.8 Redundant Storage Architecture 13.9 Multicloud Architecture 13.10 Case Study Example Chapter 14: Advanced Cloud Architectures 14.1 Hypervisor Clustering Architecture 14.2 Virtual Server Clustering Architecture 14.3 Load-Balanced Virtual Server Instances Architecture 14.4 Nondisruptive Service Relocation Architecture 14.5 Zero Downtime Architecture 14.6 Cloud Balancing Architecture 14.7 Resilient Disaster Recovery Architecture 14.8 Distributed Data Sovereignty Architecture 14.9 Resource Reservation Architecture 14.10 Dynamic Failure Detection and Recovery Architecture 14.11 Rapid Provisioning Architecture 14.12 Storage Workload Management Architecture 14.13 Virtual Private Cloud Architecture 14.14 Case Study Example Chapter 15: Specialized Cloud Architectures 15.1 Direct I/O Access Architecture 15.2 Direct LUN Access Architecture 15.3 Dynamic Data Normalization Architecture 15.4 Elastic Network Capacity Architecture 15.5 Cross-Storage Device Vertical Tiering Architecture 15.6 Intra-Storage Device Vertical Data Tiering Architecture 15.7 Load-Balanced Virtual Switches Architecture 15.8 Multipath Resource Access Architecture 15.9 Persistent Virtual Network Configuration Architecture 15.10 Redundant Physical Connection for Virtual Servers Architecture 15.11 Storage Maintenance Window Architecture 15.12 Edge Computing Architecture 15.13 Fog Computing Architecture 15.14 Virtual Data Abstraction Architecture 15.15 Metacloud Architecture 15.16 Federated Cloud Application Architecture PART IV: WORKING WITH CLOUDS Chapter 16: Cloud Delivery Model Considerations 16.1 Cloud Delivery Models: The Cloud Provider Perspective     Building IaaS Environments         Data Centers         Scalability and Reliability         Monitoring         Security     Equipping PaaS Environments         Scalability and Reliability         Monitoring         Security     Optimizing SaaS Environments         Security 16.2 Cloud Delivery Models: The Cloud Consumer Perspective     Working with IaaS Environments         IT Resource Provisioning Considerations     Working with PaaS Environments         IT Resource Provisioning Considerations     Working with SaaS Services 16.3 Case Study Example Chapter 17: Cost Metrics and Pricing Models 17.1 Business Cost Metrics     Up-Front and Ongoing Costs     Additional Costs Case Study Example     Product Catalog Browser         On-Premises Up-Front Costs         On-Premises Ongoing Costs         Cloud-Based Up-Front Costs         Cloud-Based Ongoing Costs 17.2 Cloud Usage Cost Metrics     Network Usage         Inbound Network Usage Metric         Outbound Network Usage Metric         Intra-Cloud WAN Usage Metric     Server Usage         On-Demand Virtual Machine Instance Allocation Metric         Reserved Virtual Machine Instance Allocation Metric     Cloud Storage Device Usage         On-Demand Storage Space Allocation Metric         I/O Data Transferred Metric     Cloud Service Usage         Application Subscription Duration Metric         Number of Nominated Users Metric         Number of Transactions Users Metric 17.3 Cost Management Considerations     Pricing Models     Multicloud Cost Management     Additional Considerations Case Study Example     Virtual Server On-Demand Instance Allocation     Virtual Server Reserved Instance Allocation     Cloud Storage Device     WAN Traffic Chapter 18: Service Quality Metrics and SLAs 18.1 Service Quality Metrics     Service Availability Metrics         Availability Rate Metric         Outage Duration Metric     Service Reliability Metrics         Mean Time Between Failures (MTBF) Metric         Reliability Rate Metric     Service Performance Metrics         Network Capacity Metric         Storage Device Capacity Metric         Server Capacity Metric         Web Application Capacity Metric         Instance Starting Time Metric         Response Time Metric         Completion Time Metric     Service Scalability Metrics         Storage Scalability (Horizontal) Metric         Server Scalability (Horizontal) Metric         Server Scalability (Vertical) Metric     Service Resiliency Metrics         Mean Time to Switchover (MTSO) Metric         Mean Time to System Recovery (MTSR) Metric 18.2 Case Study Example 18.3 SLA Guidelines 18.4 Case Study Example         Scope and Applicability         Service Quality Guarantees         Definitions         Usage of Financial Credits         SLA Exclusions PART V: APPENDICES Appendix A: Case Study Conclusions A.1 ATN A.2 DTGOV A.3 Innovartus Appendix B: Common Containerization Technologies B.1 Docker     Docker Server     Docker Client     Docker Registry     Docker Objects     Docker Swarm (Container Orchestrator) B.2 Kubernetes     Kubernetes Node (Host)     Kubernetes Pod     Kubelet     Kube-Proxy     Container Runtime (Container Engine)     Cluster     Kubernetes Control Plane 9780138052256    TOC    7/17/2023