Public Cloud consisting of Compute Service, Storage Service, Network Service, Database Service, Security Service, Support Service
Register NowMPLS Connectivity, HSM, DDoS, TLS / SSL Certificate Management, Dual / Multi Factor Authentication, Monitoring Services, Office Productivity Suite, Analytics Services.
MENTORManaged Services consisting of Disaster Recovery as a Service and Backup as a Service
Register NowPublic Cloud consisting of Compute Service, Storage Service, Network Service, Database Service, Security Service, Support Service
MPLS Connectivity, HSM, DDoS, TLS / SSL Certificate Management, Dual / Multi Factor Authentication, Monitoring Services, Office Productivity Suite, Analytics Services.
Government Community Cloud (GCC) consisting of Disaster Recovery as a Service and Backup as a Service.
Cloud computing is started in 1950s when mainframe computers came into existence. At that point, several users accessed the central computer via dummy terminals. The only thing these dummy terminals could perform was to enable users access the mainframe computer.
In 1970’s, IBM came out with an operating system (OS) named VM which was allowed for simultaneous operation of more than one OS. Guest OS could run on every VM, with their own memory and other infrastructure, making it possible to share these resources. This instigated the concept of virtualization in computing to gain popularity.
The 1990’s witnessed telecom operators begin offering virtualized private network connections, whose quality of service was good and at a lesser cost. This surfaced way for telecom companies to offer many users shared access to a single physical infrastructure.
The grid computing, which allowed major issues to be addressed via parallel computing; utility computing facilitated computing resources to be offered as a metered service and SaaS allowed subscriptions, which were network-based, to applications. Figure 1.1 describes the evolution of computing from mainframe to Cloud computing.
The evolution of distributed computing technologies, 1950s- 2010s
The term Cloud refers to a Network or Internet. Cloud is something, which is present at remote location. Cloud can provide services over network. Cloud Computing refers to manipulating, configuring, and accessing the applications online. It offers online data storage, infrastructure, and software.
The phrase “Cloud Computing” originated in a collaboration project between IBM and Google. Cloud computing is a model, for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Figure 1.2 shows the visual definition of Cloud computing given by NIST. The Cloud model has five essential characteristics, three service models, and four deployment models.
Cloud computing visual definition by NIST
Cloud computing means services provided through the internet. These services can be in the form of storage, application and hardware. The user can access these services any time anywhere without human interaction through internet. A pool of resources is created. Through virtualization these resources can be increased or decreased as per the requirement.
The essential characteristics of Cloud computing as defined by NIST are given below:
The term software “multi-tenancy” refers to a software architecture in which a single instance of software runs on server and serves multiple tenants. Salesforce.com, Office 365 are some of the popular examples.
Using multi-tenancy, IT resources can be dynamically allocated and re-allocated based on consumer demands. Resource pooling allows Cloud providers to pool large-scale IT resources to serve multiple consumers. Resource pooling is commonly achieved through multi-tenancy technology, and therefore encompassed by this multi-tenancy characteristic.
Once a Cloud is established, how it’s Cloud computing services are deployed in terms of business models can differ depending on requirements. The primary service models being deployed are commonly known as:
Depending upon the way Cloud services are provided to users, different Cloud deployment models are:
Cloud Bursting is a model in which application running in private Cloud bursts/scales automatically into a public/community based on scalability needs. This typically happens for the additional load balancing needs of application/web server. After the reduction in usage, the scale down can also happen automatically.
A traditional application is a n-tier/ monolithic application architecture that generally consists of database, application and web servers that are tightly coupled with infrastructure and relies on it for providing availability. A Cloud native application is one that uses open, common standards, is dynamic in nature and is highly scalable with no dependencies on the underlying infrastructure. Cloud-native or third platform, Cloud services have ushered newer ways of designing, partitioning, scaling, testing, and deploying applications. Modern applications are built around Cloud services with application program interface (API) calls, shared infrastructure and with quick deployment process. In contrast, legacy and other client-server applications are built assuming ownership of an entire OS. These applications are shoehorned into shared infrastructure via hypervisors and VMs; in other words, they can run on, but aren’t built for, the Cloud.
The common benefits gained from Cloud system implementation are:
The Cloud computing architecture consist of four layers:
The Fig 2.1 represents an overview of NIST Cloud computing reference architecture, which identifies the major actors, their activities and functions in Cloud computing. The diagram depicts a generic high-level architecture and is intended to facilitate the understanding of the requirements, uses, characteristics and standards of Cloud computing.
Cloud Computing Reference Architecture
The Cloud architecture consists of five elements:
The role of each layer in Cloud reference architecture is:
These audits provide information that could be used for internal/external compliance requirements.
Cloud service management includes service-related functions that are necessary for the management and operation of those services required by Cloud consumers.
Cloud architecture provides a large pool of dynamic resources that can be accessed any time whenever there is a requirement, which is not provided by the traditional architecture. In traditional architecture, it is not possible to dynamically allocate a resource (VM, storage, etc.) with the rising demand of infrastructure and services. Cloud architecture provides scalable properties to meet demand of infrastructure and provide on-demand access to the user.
Cloud applications are best deployed as a collection of Cloud services, or APIs. At its essence, it is a service based or service-oriented architecture. While developing an application architecture for the Cloud, following steps should be noted and if applicable adhered to:
This is a fundamental concept of Service Oriented Computing. It ensures that applications components are treated individually, and dependencies are reduced. It further ensures that addition, removal, failure, or update of one component has a minimum impact on other components. Thus, it is always recommended to develop components separately and defining their integration/ interaction mechanism in a separate component.
Each service operation should ideally perform single transaction to simplify error detection, error recovery, and simplify the overall design. Each service operation should map to a single business function, although if a single operation can provide multiple functions without adding design complexity or increasing message sizes, it can genetically reduce implementation and usage costs
Since private and public Clouds are complex distributed systems that work best with application architectures that break out processing and data into separate components. By decoupling, the data can be stored and processed on any public or private Cloud instance. In such cases latency may occur, so it is recommended to use caching systems. These provide additional database performance by locally storing commonly accessed data, thereby reducing all database read requests back to the physical database.
Note: For systems which are constantly reading new data don’t benefit much from caching systems.
Application components that communicate with each other continuously may lower the performance of the overall application. In order to improve the performance combining the communications into a single stream of data, rather than constantly sending messages is the best practice
Firstly, a test case should be built that represents how an application behaves under an increased load. While the traffic increases, the number of web server and associated database instances may have to be increased to handle any additional load. This can help to understand the process to scale the application by automatically increasing resource on the instances or load balancing. In some cases, Cloud service providers offer auto-scaling capabilities, where provisioning occurs automatically. In this manner, it becomes easier to understand the application"s workload profile and defining the path to scaling the application.
Developing solution architectures that focus on mature Identity and Access Management capabilities can reduce security costs for organizations.
Vertical scaling provides more resources to a single computational unit, whereas horizontal scale out provides additional computational unit and runs them in parallel. Vertical scale up provides a provision to move a workload to other system that doesn’t have workload, whereas horizontal scaling splits the workload among various computational units.
The comparison between Clouds and Grids is provided in the table below:
Characteristics |
Grids |
Clouds |
Population |
High-end computers (servers, clusters) |
Commodity computers and high-end servers and network attached storage. |
Size/Scalability |
Scalability is normal |
Scalability is high |
Node OS |
Any standard OS (dominated by Unix) |
A hypervisor on which multiple VMs run with different Operating Systems |
Ownership |
Multiple |
Single |
Interconnection Network/Speed |
Mostly Internet with high latency and low bandwidth |
Dedicated, high-end with low latency and high bandwidth. |
User Management |
Decentralized and virtual organisation (VO) based |
Centralized or can be delegated to third party. |
Resource Management |
Distributed |
Centralized/Distributed |
Failure Management |
Limited (often failed tasks/applications are restarted) |
Strong support for failover and content replication. VMs can be migrated from one node to other |
Types of virtualization in Cloud Computing are:
Cloud can be present without virtualization, although it will be difficult and inefficient because the Cloud relies on concept such as “Pay for what you use” and “Indefinite availability-use as much you want”. These concepts are possible only if we have lot of flexibility (scale in/out) and efficiency in the back end. This flexibility and efficiency are readily available/possible only through virtualization. However, most Cloud applications-specially in a public Cloud- will be deployed on the Operating System (Windows/Linux) layer or on the Platform Layer (J2EE, .NET, etc.) and the underlying virtualization technology or the hypervisor would not be visible to the applications.
Type I hypervisor directly runs on the host hardware, creates the virtual machines, and monitors the operating systems. The additional overhead of communicating with the host OS is reduced and offers better efficiency. This type of hypervisor is used for servers that handle heavy workload and require more security. Examples include Microsoft Hyper-V, VMware ESXi, Citrix Xen Server, etc.
Type II hypervisor runs on the top of the host operating system and creates Virtual Machines (VM) and runs guest operating systems. This host OS is also known as physical host, which has the direct access to the underlying hardware. The major problem of this approach is the failure/crash of host OS, results in crashes of all VMs. Hence, it is recommended to use Type II hypervisor only in Desktop’s systems, where efficiency is less critical. Examples include VMware Workstation, Oracle Virtualbox and KVM.
A summary of hypervisors:
Hypervisor |
Vendor |
Type |
License |
Xen |
University of Cambridge Compute Laboratory |
Type I |
GNU GPL v2 |
Vmware ESXi |
Vmware, Inc. |
Type I |
Proprietary |
Hype-V |
Microsoft |
Type I |
Proprietary |
KVM |
Open Virtualization Alliance |
Type II |
GNU GPL |
Vmware Workstation |
Vmware, Inc. |
Type II |
Shareware |
Oracle Virtual Box |
Oracle Corporation |
Type II |
GNU GPL v2 |
Summary of Hypervisors
The number of virtual machines that can be deployed on the server depends on the server capacity (memory, processor, speed, etc.) and application resources requirements for the virtual server. The higher capacity equipment and lower their consumption, the greater the number of virtual machines can be placed. Conversely, a small capacity and high consumption of resources means that a smaller number of virtual machines can be placed on a single physical server.
Yes, some of the features like ‘live cloning’ can spin up an exact replica of the VM instantly on another host, without switching off the original, thereby migrating it live with no downtime required. However, this feature may not be available with all the CSPs and with all their offerings.
Clouds are connected through APIs in a technical sense and through partnerships in a business sense. Private Cloud vendors sometimes offer public Cloud services or public Cloud vendors often collaborate with private Cloud vendors to create hybrid Clouds. These hybrid Clouds are inter-connected using secure VPN technologies to ensure that the on-premises infrastructure and the off-premise, Cloud infrastructure operate as if they are within the same corporate network.
Some of the emerging technologies either Cloud-based or highly interoperable with the Cloud are:
The Government’s focus on digitalizing governance under the “Digital India” campaign has led to an increase in computing resource requirements for numerous projects. To meet the existing Infrastructure requirements and to reap benefits provided by the Cloud computing, Government Departments are now more inclined towards adopting Cloud.
Nowadays, Cloud technology is enabling practices such as DevOps to simplify and speed up the application development process. The near real-time response to Department needs with benefits of Cloud would enable the government departments to efficiently deliver internal and citizen centric services leading to increase in adoption of Cloud-based infrastructure, platforms, and applications. Cloud enables Departments to operate more efficiently, reducing up up-front capital costs while providing flexibility in data storage, processing, and other functionalities. As Government Departments are migrating existing applications to the Cloud and developing new capabilities/applications on the Cloud, understanding, and designing Cloud deployment architectures with elements of security and management have become crucial while adopting Cloud.
In this regard, an architecture is being proposed which shall be referred to as ‘Government of India Cloud Reference Architecture (GI CRA)’ The reference architecture has been designed using globally prescribed frameworks (addressing security and privacy requirements) and is based on the regulatory and compliance needs for application deployments in the Cloud. The design of GI CRA is intended to illustrate and understand the various Cloud services in the context of Cloud computing and to provide a technical reference to Government Departments to understand, categorize and compare Cloud services. The GI CRA comprises of various building blocks and their relationships with each other which ultimately shape to form up a Cloud setup.
GI Cloud Computing Reference Architecture
The figure above details the various building block which make up the GI Cloud Reference Architecture. This Reference architecture may be leveraged as a framework to build/design Cloud deployments/environment.
GI CRA comprises of the following essential layers/components/entities:
The GI CRA also comprises of an Integration layer which may be utilized for Cloud practices like Hybrid Cloud, Multi-Cloud etc.
The GI CRA layers/components/entities are described as below:
Layer |
Description |
Cloud Consumer |
User or consumer of GI Cloud services i.e. Government Departments at Centre and State level, Citizens |
Cloud Service Provider |
Entity responsible for operating Cloud environment and make GI Cloud services available to Cloud consumers |
Managed Service Provider |
Entity responsible for delivering and managing Cloud services for the Cloud consumer |
Cloud Carrier |
Intermediary responsible for connectivity and transport of Cloud services from Cloud Service Providers to Cloud Consumer |
Service Orchestration |
Layer covering the management of physical DC facility, IT hardware infrastructure, hardware abstraction layer (Hypervisor) and provisioning of three Cloud service models IaaS, PaaS & SaaS |
Cloud Management Platform/ Self Service Portal |
Single pane of glass from where Cloud consumer or Government Department can provision, manage, and terminate services themselves |
Cloud Service Management |
Responsible for the smooth execution of Cloud build & operate. Includes Cloud implementation, operations & maintenance services |
Cloud Security Framework |
Comprehensively address all the security related aspects. Defines guidelines on security addressing the various challenges, risks and for prescribing the approach for mitigating the risks |
Layers in Cloud Computing
The GI Cloud Reference Architecture is intended to facilitate the understanding of operational intricacies in Cloud computing with focus on “what” Cloud services provide. Government of India has referenced the Conceptual Reference Model of National Institute of Standards and Technology’s (NIST). A requirement to design a GI Cloud Reference Architecture arose to standardize on the nomenclature of terms, various actors and their roles & responsibilities in the GI Cloud ecosystem.
The GI Cloud Reference Architecture has been designed to assist the Government Departments to build their Cloud deployment architecture with components, activities and actors as relevant in the GI Cloud ecosystem. The Reference architecture is a vendor neutral architecture and has been designed by adopting widely used and recognized Cloud reference architecture and their components.
Note: All the aspects on the proposed Cloud Reference Architecture have been covered in detail in the GI Cloud Reference Architecture document, available on the MeghRaj webpage of MeitY’s website.
Some of the advantages of moving to Cloud are:
The key difference between the Cloud and traditional datacentres is that traditional datacentres are usually on-premise at an organisation’s office location. Cloud refers to datacentres that are managed by a Cloud Service Provider (CSP) from a central location(s) and are accessed and managed over the internet rather than an internal network.
Gain full understanding of:
Some organisations implement a ‘lift and shift’ approach to the Cloud, which is not always the right approach. When moving to the Cloud, core business processes and policies will likely need to change, so an understanding, documentation and risk assessment of these policies is recommended.
The Government of India has paved the way for mass adoption of Cloud services by the Government and Public sector organizations by empanelling the CSPs with Ministry of Electronics & Information Technology (MeitY). The CSPs are empanelled to offer Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) under the three Cloud Deployment models namely, Public Cloud (PC), Virtual Private Cloud (VPC) and Government Community Cloud (GCC).
As a part of the MeghRaj initiative, MeitY came out with the ‘Cloud First’ policy under which all the departments are required to assess and adopt Cloud computing for their current as well as new applications. To further enhance this adoption, MeitY also empanelled Cloud Service Offerings of private Cloud Service Providers (CSPs) which could be availed by the Government Departments under this initiative.
The focus of the Cloud First policy is to enable Government Departments to deliver both internal function and citizen centric services by leveraging Cloud making Cloud the default option. In case the Cloud is not a feasible option, the Government departments would need to get approval internally by the competent authority for choosing the traditional approach.
By leveraging Cloud, the Government Departments would be able to optimally use IT infrastructure leading to optimal spending on IT procurement, but this would also help them on focusing the core services of the respective department.
Cloud enables Government Departments to procure tools and technologies which are not feasible and viable to procure as a part of standard IT procurement. Every Government Department should adopt a ‘Cloud-by-Default’ approach when designing a new IT service/ application or migrating or enhancing an existing application to reap both financial and non-financial benefits of Cloud.
Migration of IT Infrastructure to Cloud is the process of moving application data and platform to the Cloud environment. Depending on the organization requirement(s), the possibility of migration can be from an On-Premises environment to a Cloud Service Provider platform (On-premise to Cloud Migration) or from one Cloud Service Provider platform to another Cloud Service Provider platform (Cloud to Cloud Migration).
Various stages of Cloud Enablement Lifecycle are:
In this phase organization needs to identify their requirements in Cloud and apparently initiate the process to adopt Cloud. By analyzing their business and IT objectives as well as current IT workloads housed either in their own Data Centers, CSP Data Centers, the organizations can identify relevant opportunities that make Cloud adoption essential.
Once the Identification and the Assessment stage has been completed, structured planning is required by the organizations to adopt Cloud, which includes understanding the criteria for evaluating the CSPs, performing the capacity sizing estimation for Compute, Storage and Network and selection of Cloud models suitable for migrating their existing applications.
Once the capacity sizing and selection of suitable Cloud Models has been completed, the organizations should now focus their attention towards the build stage.
Post the completion of Build Stage wherein the procurement has been completed and application has been prepared for migration begins the stage of Implementation. This stage involves preparing the Cloud environment on the CSP platform, installing, and configuring the applications, strengthening the production environment, executing mock migration, final migration and Go-Live to production Cloud. The goal is to ensure all activities are performed in a sequential manner, while minimizing downtime and disruption to users.
This stage includes management & monitoring during and post migration of the applications. The main objective of this stage is to track progress of ongoing migration of different workloads of the organization and performance post migration indicating any operational, performance issues such as data discrepancy. Further, it is also important to manage different application vendors and service providers for achieving a seamless migration. A successful migration is subject to achieving performance improvements and the newly migrated system enabling the organizations to achieve their business objectives.
The below diagram depicts the stages of the involved in Cloud Enablement and Adoption lifecycle and the guidelines covered under each stage, to enable organizations for evaluation and migration to Cloud Services/ platform procured by them.
Cloud Enablement & Adoption Lifecycle
A holistic and meticulous upfront planning is needed before migrating applications to Cloud. Some common elements of a Cloud migration strategy include evaluating performance and security requirements, calculating costs, and making any necessary departmental changes.
Common challenges an organization faces during a Cloud migration include interoperability, data and application portability, data integrity and security, and business continuity. Without proper planning, a migration could negatively affect workload performance and lead to higher IT costs, thereby negating some of the main benefits of Cloud computing.
With inherent benefits of Cloud being made available to the user Departments it is subsequently important for the user departments to identify their requirements in Cloud and apparently initiate the process to adopt Cloud. By analysing their business and IT objectives as well as current IT workloads housed either in their own Data Centres, CSP Data Centres, the organizations can identify relevant opportunities which make Cloud adoption essential. Following are the potential opportunities to migrate to Cloud.
Potential opportunities to migrate to Cloud
Some of the indicative factors influencing the adoption of Cloud are as follows:
(i) Reduction in CAPEX: Infrastructure costs gets reduced considerably as the need to purchase expensive equipment and systems, maintenance, and energy consumption costs, gets eliminated. It also reduces delays in service resolutions. Moreover, the pay-as-you-go model is more cost-efficient.
(ii) New Application Development: The Cloud enables greater business agility as it offers a platform for rapid development and deployment of new applications.
(iii) Setting up of new organization or initiative: While planning setup of new IT infrastructure or new department altogether, it is recommended to setup Cloud environment as there are various advantages of opting Cloud over on-premises infrastructure. Some of them are mentioned below:
(iv) End of Support Infrastructure & Licenses: Organizations facing end of support for infrastructure or licenses can opt to move on Cloud environment. These applications can be migrated to Cloud which will help in reducing the overall IT cost.
The Existing application needs to be assessed categorically based on certain criteria, as listed below-
The Technical Feasibility Assessment activity shall help a user Department to analyse its application on dimensions, such as Interdependency (dependency of application on different application, hardware, or platform), sensitivity to network, Horizontal & Vertical Scaling capability, Performance needs, Recovery capabilities, etc. Post performing the Technical Assessment with the guiding questions the user department’s will be able to migrate to Cloud with ease.
Risk Assessment is a key activity when planning to migrate the application on Cloud. Assessing the application across various dimensions, such as geographical location of the data, sensitivity of data, business criticality, the need to protect personal identifiable information (PII) and personal health information (PHI), shall help user departments analyse the risks associated and if the department can migrate its application on Cloud with the risk or if any mitigation plan is required to be formulated to minimize the impact of those risks.
Strategic Alignment and Cost Assessment is another key area for user departments to analyse before migrating its application to Cloud. It is essential to understand for a department which Cloud Deployment Model and Cloud Service Model shall be suitable, the total cost of ownership for migrating to Cloud and running business operations successfully from the chosen Cloud.
The key considerations which may help user Departments to make appropriate and thoughtful decisions before planning the Cloud migration are:
Key Consideration for Cloud Adoption & Migration
(i) Cost: User Departments should adopt a holistic approach while calculating the total cost of migration from on-premises to Cloud environment or from one CSP environment to another CSP environment. While, Cloud offers lower costs, but there are various factors that should be considered such as, direct costs, operational costs, administrative costs and indirect cost. It is also necessary to consider the transition period during which departments will be incurring cost for on-premises data center as well as cloud.
Total Cost of Ownership (TCO) is also one of the important factors that needs to be accounted before planning migration. The calculations for TCO are generally based on the assumption that cloud computing doesn’t require major hardware/software investments upfront and the Departments only pay for the resources they actually use/consume.
(ii) Capacity Sizing: The Capacity Sizing of compute, storage, network, and connectivity require analysis of present utilization of the existing Infrastructure & applications and future growth in terms of transactions and user base. Identifying the optimal resources required in the cloud for each of the workloads shall enable Government Departments to achieve optimal performance requirements and shall allow upsizing and downsizing of resources as per requirement.
(ii) Capacity Sizing: The Capacity Sizing of compute, storage, network, and connectivity require analysis of present utilization of the existing Infrastructure & applications and future growth in terms of transactions and user base. Identifying the optimal resources required in the cloud for each of the workloads shall enable Government Departments to achieve optimal performance requirements and shall allow upsizing and downsizing of resources as per requirement.
(iv) Application Readiness: When the User Departments plan migration to Cloud, a detailed analysis of an application is performed to assess its Cloud readiness. Some of the existing applications may need modernization to take the advantage of the cloud.
(v) Security: Implementation of well-defined security policies & procedures is a must for ensuring adequate security of the applications in the cloud. Migrating infrastructures, services or applications to the cloud without increasing the security overhead requires vigilant preparation & strengthening of security posture. Successful cloud migration requires migrating security to the cloud enabling User Departments to deploy and manage a single, consistent security framework that covers the complete Cloud infrastructure.
(vi) Cloud Models: User Departments must understand how the Cloud architecture and Platform line up with their current environment and see the dependency of components. The evaluation of Cloud Service & Deployment Model is an essential step towards Cloud migration.
When departments plan for Cloud migration, various processes and practices may be evaluated during the planning stage for implementing a successful Cloud-migration strategy. Though every Cloud migration event has unique set of requirements, few common best practices help departments in successfully migrating to Cloud.
(i) Data Backup during Migration: While performing application migration it is pertinent to ensure the protection of data. It is proposed that departments always create a full backup of their systems which they plan to migrate before performing the actual migration. Any unexpected event during migration may result in loss of data or unusable application state. Hence, backup gives an extra layer of protection in such events.
(ii) Formulate a properly planned migration strategy: Departments should begin the migration process by mapping out a migration strategy that identifies clear business motives and use cases for moving to the Cloud.
(iii) Manage the software licensing: A major concern for is whether their existing licenses for on-premises software can be extended to Cloud. Hence, Departments can leverage on the Bring Your Own License (BYOL) program that give Departments the flexibility to reuse their licenses on Cloud.
(iv) Prioritize Migration Dependencies: Before migrating to Cloud, during the planning stage it is important to identify the dependency of each component or services and their connections. For the user departments having complex on-premises setups, it is a good practice to understand dependencies of various workloads and prioritize migration of workloads with minimum to maximum dependencies accordingly.
(v) Roles & Responsibilities: Charting out complete Roles & Responsibilities of stakeholders, customized to the Project requirements.
Note: All the aspects in this chapter have been covered in detail in the End-user guide for the adoption of Cloud Services document, available on the MeghRaj webpage of MeitY’s website.
Security in the Cloud is a shared responsibility between user departments and CSPs. Hence, it is important to understand the responsibility. Certain security concerns have been listed below:
The Open Web Application Security Project (OWASP) has additionally listed certain Cloud Security concerns such as User Identity Federation, Business Continuity and Resilience, Service and Data integration, Multi-tenancy and Physical security, Infrastructure Security which have been addressed in the requirements laid down as a part of empanelment of Cloud Service Providers by MeitY (refer Empanelment of Cloud Service Providers (CSPs) https://meity.gov.in/content/gi-Cloud-meghraj).These requirements make CSPs accountable for their responsibilities towards Cloud security.
The security design principles are the key pillars for adoption and implementation of Cloud Security to protect system, application, and platform to improve overall security architecture.
Below are the key design principles which needs to be considered for Cloud technology adoption:
When moving an application/data to the Cloud, user departments should review their security posture and identify changes and controls that need to be implemented to operate securely. Departments should perform static and runtime code analysis of the application before/after deployment in the Cloud.
When using CSPs, departments should retain control and ownership of their data and should implement required security controls to meet internal and external security requirements. They can also consider using other data protection technologies like masking/encryption while moving giving due consideration to performance snags/delays.
Security in the Cloud depends on many factors like whether one choose SaaS, PaaS, or IaaS, and whether the Cloud is private, public, hybrid or community based.
The security aspects of Cloud computing are categorized as:
Cloud Security Alliance (CSA) is a non-profit organization working on a wide range of initiatives in Cloud security. For example, CSA publishes a free guide and instructions on Cloud security. Members of CSA include CSPs, vendors, corporate users, academicians of Cloud computing, in addition to individuals. That combination gives a good weight behind the association and its initiatives. Other initiatives from CSA includes a GRC stack with a “control matrix”. The matrix has a series of “controls” with relevance to Cloud security, each mapped up to ISO 27001, PCI, COBIT, NIST and more. CSA also offers a certification programme-CCSK on Cloud Security.
Like CSA, there are also other organizations such as Cloud Standards Customer Council and IEEE that are focused on Cloud Standards. Cloud Computing Innovation Council of India (CCICI) is another collaborative organization with experts from industry and researchers to promote Cloud standards and adoption models.
The most common method of authentication is password protected. However, service providers offer higher reliability, more powerful tools, such as certificates and tokens to their customers. CSPs should also support standards like LDAP and SAML for identification and authorization. Also, CSP should provide Multi-Factored Authentication for accessing the VMs.
Protecting data in Cloud environment is key and is achieved by using the right encryption mechanism for protecting both data at rest and data in transit.
Data in Transit: User department can use both IPSec and SSL/TLS for protection of data in transit. IPSec is a protocol that extends the IP protocol stack, often in network infrastructure, and allows applications on upper layers to communicate securely without modification. SSL/TLS, on the other hand, operates at the session layer. There are third-party SSL/TLS wrappers.
Data at Rest: User departments should use AES-256/PGP bit encryption for data at rest and consider using key management for securing access to encryption keys. Department should also check if CSP is supporting Client-side encryption. In this approach, data is encrypted before sending to CSP.
For a user department migrating to Cloud it is imperative to observe security discipline at various levels which ensures a secure adoption of Cloud. IT security encompasses the lowest layers of security, from physical facilities through the Department’s configuration and implementation of IT infrastructure components. These are the fundamental components that everything else in the Cloud is built from, including compute (workload), networking, and storage security.
Layered approach towards Security
It is important to know about the infrastructure security parameters of the Cloud service provider. In the shared security model, the provider (or whoever maintains the private Cloud platform) has the burden of ensuring the underlying physical, abstraction, and orchestration layers of the Cloud are secure.
Departments may adopt certain practices around data protection in order to overcome any reluctance around data security in Cloud.
Applications are hosted on independent virtual machines. Applications/ Sensitive data are more vulnerable in cloud-platforms, as cloud environments are hosted on shared resources. So, special security measure / controls are required to safeguard the client environments.
Some of the key considerations are:
Some of the key practices are:
There are various kinds of virtual networks, from basic VLANs to full Software-Defined Networks (SDNs). The data in transit also needs to secure through the network layer. A cloud service provider needs to understand the department network traffic plan to send and receive data. Department to ensure CSP has implemented strong security controls for internal and external network separation / communication. CSP to ensure appropriate network segmentation which separates networks of different sensitivity levels
Some of the key points to consider are:
Identity and Access Management (IAM) refers to defining and managing access privileges of individual network users, along with the circumstances in which users are permitted (or forbidden) those privileges. These users may either be external to the Department (e.g. citizens) or internal to the Department (e.g. employees).
Some of the key points to consider are:
Some of the key practices are:
While imbibing the practices around cloud security, User Department may focus on performing some security assessment for their cloud deployment projects. There are certain critical questions which Departments must ask themselves as well as their Cloud Service Providers during each step of security assessment are:
Security Step |
Guiding Questions for Security Assessment |
Ensuring Governance, Risk and Compliance processes exist |
|
Auditing and Reporting |
|
Managing People, Roles and Identities |
|
Ensuring Data and Information Protection |
|
Privacy Policies |
|
Assessing security for cloud applications |
|
Ensuring Cloud Network security |
|
Ensuring controls for physical infrastructure security |
|
Managing security terms in cloud service agreements |
|
Understanding security requirement in exit process |
|
Guiding Questions for Security Assessment
Some of the internationally recognized information security standards are given below:
Standards in Information and Cloud Security
ISO/ IEC 27000 Family of Information Security Management System
PCI DSS
Cloud security is a shared responsibility between the cloud service provider (CSP) and its clients. If payment card data is stored, processed or transmitted in a cloud environment, PCI DSS will apply to that environment, and will typically involve validation of both the CSP’s infrastructure and the client’s usage of that environment.
Sector specific standards
Securing hybrid IT environments spread across multiple clouds is a complex and challenging task. User Departments planning to operate a mix of on-premise and cloud systems would believe the hybrid environment is actually more secure than the exclusively in-house systems they would be running. Hence improved security would act as a key driver for increasing their use of the hybrid or multi-cloud services.
Multicloud is the use of multiple cloud computing and storage services in a single heterogeneous architecture. This also refers to the distribution of cloud assets, software, applications, etc. across several cloud-hosting environments. With a typical multicloud architecture utilizing two or more public clouds as well as multiple private clouds, a multicloud environment aims to eliminate the reliance on any single cloud provider.
Protecting the cloud infrastructure is incumbent on the cloud service provider, but it’s the Government Department’s responsibility to protect any data it puts into the cloud. So ultimately, it’s down to User Department to carry out due diligence when selecting CSPs/MSPs in order to ensure they meet their security and regulatory requirements.
Certain measures which may be kept in mind while considering a multi-cloud deployment/ environment are as follows:
To identify threats across multiple cloud platforms and effectively integrate security strategies that address the needs of each of these platforms, department’s internal security teams or managed service providers need to centralize security control to maximize data visibility within the multi-cloud environment. Information about all security measures and tools implemented need to be shared across points of contacts responsible for each platform to improve the department’s security capabilities and awareness. Having a uniform protocol for security enforcement ensures a consistent approach to cloud platforms, facilitating the secure integration of a multi-cloud architecture. Automation using third-party services may help in scaling security.
While the Departments ensure that the applications are up to date, it is also important to ensure that the security functions are constantly upgraded to meet the ever-changing landscape. In today’s world, Cyber-attackers are continuously looking for vulnerabilities to exploit and adopting innovative ways to breaching security. Monitoring threats to a multi-cloud architecture is a continuous process that requires security experts to constantly analyze the security of the multi-cloud through real-time reports.
Even if the communications between applications in the multi-cloud and within the applications themselves are secured, many Departments may neglect to secure the communications that control how the applications are run. This is known as the control plane, and a good multi-cloud security strategy should take into consideration the need to encrypt communications that fall within the domain of the control plane. Department’s security teams need to ensure that communications that control virtual machines and containers are encrypted. Often, these communications within the control plane are left unsecured, allowing malicious entities to exploit these weak spots and orchestrate a serious security breach.
One of the biggest security breaches would involve scenarios where individuals would have access to data and services that they should not be able to view. When unrelated people are allowed access to sensitive data, they are at risk of exposing the data to cyberattacks and breaches. In such a scenario, Departments need to ensure that any acquired software is patched and secured before rolling it out to employees and that employees are trained to adhere to stringent security protocols to prevent a breach from occurring.
Security in Cloud Computing follows the shared responsibility model. The Cloud Service Provider will always be responsible for securing the physical infrastructure and the virtualization platform itself. Meanwhile, the Cloud consumer i.e. the Government Department, is responsible for properly implementing the available security controls and understanding the underlying risks. For example, deciding when to encrypt virtualized storage, properly configuring the virtual network and firewalls, or deciding when to use dedicated hosting vs. a shared host.
In continuation to the practices around cloud security, certain additional pointers which Government Department should regularly monitor, through audits, for their cloud deployments on parameters such as MFA, data encryption, updates for the running operating system, usage of anti-malware and security tools among others.
Both, the CSP and the Cloud consumer, have certain areas of responsibility for maintaining security in the cloud, and in few domains the responsibility even overlaps. In today’s scenario, many security problems among Cloud consumers involve misunderstanding these shared responsibility areas. User Departments who understand the basic delineation of responsibility are in a much better position to maintain a high level of Cloud security.
Essentially, the CSP requires to ensure that the infrastructure built within their platform, is inherently robust and secure. On the other side, certain customizable Cloud capabilities including network configuration, account access, application management, compute configuration, and data encryption are the responsibility areas of the Cloud consumer.
Risk Assessment is a key activity when planning to migrate the application on Cloud. Assessing the application across various dimensions, such as geographical location of the data, sensitivity of data, business criticality, the need to protect personal identifiable information (PII) and personal health information (PHI), shall help a user department analyse the risks associated and if the department can migrate its application on Cloud with the risk or if any mitigation plan is required to be formulated to minimize the impact of those risks. The various dimensions along which risk to be measured with its description are given below:
Note: All the aspects of Cloud security are covered in detail in the Cloud Security Best Practices document, available on the MeghRaj webpage of MeitY’s website.