Wireless Security Dissertation

Wireless Security

The technology of Wireless Security Networking is one of the most common networking and accessible technology but still the security problems are of great interest of this type of technology. This research paper will prospect the wireless networking and its security as well as will focus on the companies which are involved in this technology and future prospects for this technology.

These days’ computer clients are more fascinated in attaining the Internet wirelessly because of its accessibility and mobility. These days, business travelers prefer and utilize the wireless laptops to keep in contact with the office, home, and friends. A wireless network can unites or connect the computers at various places of your business and home without any involvement of any cords and permit you to work anywhere within the range of network on laptop (Bulk, 2006).

The wireless networks are established on the basis of IEEE criteria and standards which belong to 802 family which contains (802.3) Ethernet that is largely utilized today in offices and homes. Even though the growth and development of the 802.11 standards and technology have been in progress since the late 1990s, basic acceptance of “wireless Ethernet” only originated in year 2000-2001 when (AP) or access point devices turned cheap enough for the home user. (Bulk, 2006) The following items simply provide an overview of the 802.11 family which includes: 1-802.11b (a)- Most widespread (b)- 11Mb maximum, 2.4 GHZ band, 2- 802.11 (a)- Next generation (b)- 54MB maximum, 3- 5GHZ band 3- 802.11g (a)- 54MB maximum, 2.4 GHZ band (b)- Compatible with 802.11b 4- 802.11X (a) Uses Extensible Authentication Protocol (EAP) (b) Supports RADIUS 5- 802.11i (a) TKIP (b) Draft (Bulk, 2006).

The disadvantage of a wireless network is that, except someone takes positive protections, any individual with a wireless laptop or computer can access your network. That means that hacker can attain the personal data and information on your laptop or computer. And if an unaccredited person utilizes your network to commend a crime or transmit spam, the action will be traced on your account. The 802.11 authoritative standard is, in its functioning principles, not that practically different from the Ethernet. It employs a conventional “one can speak, others hear” media access control strategy; the simple difference is that instead of wires, the carrier of the signals are assigned radio frequency. In year 2004, (ISRC) or Information Security Research Center of Queensland University declared that any 802.11 network installed in any business environment could be halt in few seconds simply by transmitting a signal that hinders the other users or parties from trying to talk. On the other hand, same is true for Ethernet; apart from that you must be able to join with the network plug at first, which certainly makes the attacker much easy to trace the trouble in order to solve it (Nichols, & Lekkas, 2006).

That’s not the place where problem terminate. Where the 802.11 standard tried to prevent carrier-level hits, it actually failed dejectedly. The (WEP) or Wired Equivalent Privacy (WEP) method was planned for wireless networks to supply a stage of security and protection against hackers on network sessions by outside members or parties, therefore offering security nearly equivalent to conventional LANs. Though, there are numerous design flaws were found in the WEP scheme in 2001 by the researchers of Zero Knowledge System and University of California, which showed the scheme hideously incompatible. Unfortunately, even by that time Wi-Fi had been deployed extensively to create compulsory adjustments hard to execute or implement (Nichols, & Lekkas, 2006).

General Wireless Security

Now the question arises why it is necessary to concentrate on the security of Wi-Fi. As we know that the general area of 802.11 network security zones are one of the leading bases for future security interests and concern: Any hacker or attacker can be laid where nobody considers him or her to be and keep well away from the network’s authorized premises. Furthermore, the other reason to concentrate on the security of Wi-Fi is its great and widespread utilization and use of 802.11 networks. In year 2006, it is reported that the quantity of shipped 802.11 enabled hardware devices were calculated to outgrow 40 million units, even the cost of these units are keep falling. After the popularity of 802.11g devices in the market, the price of the several 802.11 products dropped to the price level of 100BaseT Ethernet client cards. However, there are various speed disadvantages, but not every network requires fast speed, and in majority of the cases the implementation of wireless network is highly demanded. On the other hand, another reason to concentrate on the wireless security is the offices situated on different areas of the engaged streets, office park and highway (Nichols, & Lekkas, 2006).

 Wi-Fi security problems are addressing with 2 different troubles: Privacy and authentication. Authentication or verification guarantees that only valid clients get access to the entire network. Privacy maintains communication safe from hackers. The implementation of WPA technology properly addressed these two fundamental troubles. Although we have the much strong security technology but accidents and mishaps can occur at any time, to obtain an enjoyable and pleasant practice of Wi-Fi technology users should have sufficient knowledge of the security weaknesses and vulnerabilities, that’s the reason the Wi-Fi Associations suggests that users of wireless networks implement the similar point of care they’ve learned to employ to keep away from scams in the wired world. Moreover, end users must modify their passwords frequently, not to answer or respond the doubtful e-mails, and should look for protected and secured connections. Customers require creating various new and uncomplicated security protections. A habit like linking through a supplier or provider that employs encryption with a list of committed and trusted hotspots, using a VPN, and constantly changing and enabling security inside a home network. Furthermore, customer should make it a point to prefer those products that are having Wi-Fi certification for the utilization of WPA™ (Wi-Fi Protected Access) or WPA2™ security (Nichols, & Lekkas, 2006).

As far as technology is concerned, WEP or Wired Equivalent Privacy is a protocol that supplies security to (WLANs) or wireless local area networks based on the 802.11  Wi-Fi regulations. Moreover, WEP is a (layer 2) or OSI, Data Link Layer security technology that can be switched “on” or “off.” This technology is configured to offer wireless networks the equal level of privacy security as a comparable wired network. Moreover, WEP technology is based on the security scheme known as RC4 that utilize an assemblage of system generated values and secret user keys. The primary enforcements of WEP supported so-called 40-bit encryption, containing a key of 40 bits and 24 extra bits of system produced data. Research has revealed that it is very much easier to decode the 40-bit WEP encryption, and as a result product vendors nowadays use 128-bit encryption or better 256-bit (Hardnono, & Dondeti, 2008).

When communicating through wire, WEP utilize keys in order to encrypt the data stream. The keys generally are not sent on the network rather they stored in the windows registry or on the wireless adapter. Despite of how it is configured on a wireless LAN, WEP just signifies only one aspect of an overall WLAN security scheme. The standard of 802.11 explains the communication that takes place within wireless local area networks (LANs). The (WEP) algorithm is utilized to defend wireless communication from hackers. A secondary purpose of WEP is to stop the illegal approach to a wireless network. WEP depends on a confidential key that is distributed between the access point and the mobile station. The secret key is generally used in order to encrypt the packets before they are transmitted, and integrity verification is used to make sure that packets are not customized during transmission. Another WEP technology offered by the Agere Systems is known as WEP+, which enhances the security by neglecting “weak IVs”. The WEP+ provides its maximum excellence when it is used at both ends of the wireless connection, as this can’t easily be enforced, however, possibilities are always there that possible attack against WEP+ will finally be found (Hardnono, & Dondeti, 2008).

Moreover, Wi-Fi protected access or WPA is another security technology for  Wi-Fi networks. WPA technology improves the encryption and authentication feature of WEP. Actually, WPA was developed in response to the deficiencies of WEP by the networking industry. On the other hand, the technology used behind the WPA technology is the utilization of the (TKIP) or Temporal Key Integrity Protocol as this protocol deals with the encryption weaknesses of WEP. Another advantage of the WPA technology is the built-in or default authentication that is not offered by the WEP technology. Furthermore, another variation of the WPA technology is termed as WPA-PSK or WPA Pre Shared Key, is a simple but still strongest structure of WPA most appropriate for business and home Wi-Fi networking (Hardnono, & Dondeti, 2008).

There is another form of WPA technology which is more advanced and safe and is known as WPA2. This technology provides both data integrity and confidentiality. It is observed that WPA2 provides more security to the wireless network. However, WPA2 can’t offer enterprise security alone. Generally IEEE 802.IX port-based protocol is combined with the WPA2 which provides maximum security and guarantees the secure wireless communication. The technology of WPA is utilized with the TKIP protocol, which further utilizes the RC4 cipher, and it can be executed in software having driver or firmware update. WPA supplies integrity checking using MIC, occasionally termed as “Michael. Meanwhile, WPA2, utilizes a new encryption technique known as CCMP or (Counter-Mode with CBC-MAC Protocol), which is stronger than the RC4 (Hardnono, & Dondeti, 2008).

As far as the future of wireless security is concerned the new 802.11 standards simplify this challenge? However time will tells the best. Moreover, the 802.11i standard is the latest wireless security standard designed to put back WEP and give much effective wireless security. 802.11i was believed to be launched together with the 802.11g, however, as we know that we are not living in the perfect world. (WPA) or Wireless Protected Access Alliance certification version 1 executed various features of current 802.11i development, although, not all products of 802.11 which are sold in market having WPA certification. In the current scenario there are currently many 802.11g networks arranged that are still using non-secure and old versions of WEP (Guna, 2009).

In the coming future it is expected that the next Wi-Fi speed standard, 802.11n, will considerably provide a bandwidth of maximum 108Mbps. Moreover, this 108Mbps will become the industry standard. The latest specifications will be launched at least 1 year before by the IEEE. However, draft-based devices and products could come up with compatibility troubles in case if the authorized standard varied from the draft version. Therefore, it’s much better to stay and wait for the ratified standard before building network over non-authorized gears (Tynan, 2004).

On the other side, in coming future, the possible changes regarding Wi-Fi include the methods and procedures to make this technology more and more dependable and secure. Within a year or two the standard of 802.11i standard will be finalized, which will greatly enhance the security level. Moreover, in future in order to handle the data encryption the majority of the 802.11 i-compliant will need the separate co-processors, which indicates that current Wi-Fi devices and equipment will be replaced to achieve the maximum security (Tynan, 2004).

Wireless Security
Wireless Security

Lastly, in the coming future another advanced standard 802.11e will be largely employed for the special tasks. 802.11e will address the issues of quality services and the delivery of data packets on time. This standard is very much important for certain streaming applications like videoconferencing, and its importance is really vital as business more toward utilizing Voice Over IP on their wireless networks. Some companies have already launched 802.11e standard for some of their products like Broadcom (Tynan, 2004).

These days there are several companies around the globe, which are providing wireless security but when the question arises regarding pioneers the name which strikes first to the mind is “Broadcom.” This company is providing network solution and recently “Broadcom” has declared that the (WAPI) security standards required for all WLAN devices which are sold in China. Moreover, this company declares that it is in the list of companies who first made WLAN chips to present WAPI-enabled assistance designed for mobile devices and wireless routers, including In Concert BCM4325 that joins WLAN, FM technologies and Bluetooth “CBR, 2009).

It is mentioned by the Broadcom, that all the chips control its digital architecture and radio to supply the wireless connectivity in order to share support triple play service and broadband connectivity. According to the Michael Hurlston, general manager as well as vice president of Broadcom, said: “We are delighted to maintain the WAPI standard being a leader in the field of WLAN we are confident and feel proud to be a pioneer of the rapidly increasing wireless communications.” Furthermore, Broadcom, is making effort to promote the global standards for the wireless communication (“Broadcom”, 2003).

The fairly new solution offers an entirely new system to protect the wireless networks against the threats of real world by launching active wireless methods of testing, which are able to evaluate the daily deployed wireless access points. By this approach, the wireless Vulnerability Assessment resolution facilitates IT administrators to find vulnerabilities remotely within their wireless network and automates the authorized agreement reporting, facilitating customers to decrease the operating cost (“Computer Technology Review”, 2009).

Motorola is offering a complete and comprehensive range of WLAN infrastructure resolutions planned to enable the genuine wireless venture, despite the dimensions and size of the business. The company is offering IP or Internet Protocol coverage in outdoors and indoors simultaneously. The company’s wireless range includes mesh, enterprise WLAN, fixed broadband and Motorola solutions for AirDefense wireless security. Moreover, Motorola’s solutions decrease network maintenance and deployment costs, and guarantee the accessibility of commercial and cheap wireless connectivity. By replicating active attacks from the hacker’s viewpoint, the Motorola AirDefense wireless solutions in case of vulnerability Assessment permits the administrator proactively evaluate and assess the level of security of delicate systems over the wireless network, like cardholder data systems. Furthermore, by using the radio device of the wireless sensor to stimulate a wireless client station, the method empowers the IT administrators to perform remotely the assessment of wireless vulnerability from a hacker’s approach (Messmer, 2009).

Motorola Company is recognized around the globe for modernization in the field of communication and is generally centralized on progressing and advancing the mode of style through which world connects. From enterprise mobility, broadband communications infrastructure and public security solutions to mobile devices and high-definition video, Motorola is directing to the next phase of advancement and innovation that will enable people, governments and enterprises to be more attached and more mobile. It is reported that Motorola had sales of nearly US $30.1 billion in year 2008 (Darkreading, 2009).

The issues of spectrum pricing, data protection, and level of security are of primary concern and are having great importance for the advancement and growth of the wireless communication industry. The most important regulatory issue in field of wireless technology is associated with the security, as this issue will be face by the wireless industry over the next two decades. On the other side, the confidence level of the customer in online transactions over the wireless medium is also of great importance. Security contains not only the safety of data but also the safety from monitoring. Distaste for investigation is widely considered as the expected inhibitor of wireless network utilization (Green, 2009).

The basic issues that should be considered are: Wireless communication: as it doesn’t need physical connectivity, also having more chances to survive in case of natural disasters like floods, hurricanes, earthquakes, tornadoes and volcanoes. The other issue is Wireless transmission: as it is easier to seize and intercept than those running over wire-line or fiber connections. Though, fiber can also be intercept however, it is hard to hack it as compare to the wireless. Moreover, public is having common perception that physical connections are having more security and protection. Also, the employment of digital encryption is really helpful to protect the wireless transmission, however, the public concern regarding security and privacy are of great importance and will be addressed in the coming decades by the wireless industry (Green, 2009).

As far as the global implication of wireless security is concerned there are few steps which should be adopted for the implication of wireless security. The initial step towards successful and effective global wireless security is creating a standardized verification infrastructure. However, the user should be required to authenticate on the network. But for the global implication users cannot be enforced to organize or manage multiple user authentication, accounts, identity and passwords. Furthermore, there must be a single set of access identification which must offer for verification at any site or location. Preferably this must be the similar set of certification used to login to the user’s own-workplace. On the other hand, the network systems should be arrange to recognize realms, domain names as well as various other regional identifiers in order that verification or authentication requests can be routed to the approved set of validation servers. By implementing this principle, the user will be able to travel to any place in the world or to any enterprise location and will be granted access to most appropriate networks (Green, 2009).

The second step for the implementation of global wireless security is the change in the access method. It required that the access method should be reliable and consistent everywhere the user travels. Moreover, users don’t want to adjust or reconfigure their systems as they travel from the corporate offices to their branch offices and homes. This indicates that there is a need for the same (Service Set Identifier) or SSID, which should be installed or present everywhere with having same encryption and authentication policies. Additionally, every place must have same authentication infrastructure so that user may not feel any problem. Moreover, users are free enough to be able to start their email application at corporate office, put their laptops in a sleep mode, go home, and start their work again without any need of a separate VPN client (Green, 2009).

Conclusively, the third step is the implementation of the voice mobility. It is observed that many companies and organizations are assessing their (Vo WLAN) or Voice over  WI-FI LAN technology today with estimated wide range deployments occasionally in 00 or 0 0. One of the major outcome and benefit for this technology will be the capacity to utilize it everywhere where there is an availability or access of wireless LAN service. When users move to the remote areas or travel to the remote locations, the service of (Vo WLAN) and voice mobility usually permits their Vo-WLAN handsets to start operation in the same manner as they perform in the normal work locations. Moreover, the mobile network infrastructure must offer secure transmission of voice traffic back to the corporate telephony server, quality of service control and reliable encryption and authentication methods all over the global network (Green, 2009).

References

Broadcom, (2003) Broadcom wireless LAN solutions now Wi-Fi protected access

Bulk, Frank. (2006) The Abcs of wpa2 Wi-Fi security. Network Computing, 17(2), 65-3.

CBR, (2009) Broadcom features wapi security standard on its wireless offerings.

Computer Technology Review, (2009, August 20). Motorola debuts wireless LAN security solution for remote wireless security testing.

Cox, John. (2009) what’s next for Wi-Fi?

Darkreading, (2009) Motorola introduces wireless LAN security solution for remote wireless security testing.

Green, Jon. (2009). Building global security policy for wireless LANs.

Guna, (2009) The Future of wireless security.

Hardnono, Thomas, Dondeti and Lakshminath (2008) Security in wireless LANs and mans.      London: Artech House, Inc.

Messmer, Ellen. (2009). Motorola boosts wireless network security.

Nichols, Randall K., & Lekkas, Panos C. (2006) Wireless security: models, threats, and  solutions. Berkshire, UK: McGraw-Hill Telecom.

Tynan, Daniel. (2004) The Future of wireless.

Click Here To View More IT Dissertations

Infrastructure Virtualization

Infrastructure Virtualization

Virtualization is a constantly growing trend in the business organizations of large scale. The approach of virtualization allows the organizations the ability to perform more work with fewer computers as the computer systems are actually relying on the computing powers of the system server which is replicated through the individual systems throughout the organization. Each system represents a single instance of the server computer. Implementing the virtualization techniques help a company save big on resources while keeping the productivity high.

This report is aimed towards analysing the applicability of the virtualization in the real organization of Regional Gardens Ltd. An implementation plan of the virtualization system will be developed as per the requirement specification of the organization. The advantages of the virtualization systems in data centre and legacy systems will be evaluated against productivity and cost-effectiveness. Virtualization techniques are generally implemented with challenges like information security and recover in case of disaster; therefore, both the issues with be discussed here with respect to the selected organization.

Introduction

Virtual desktop infrastructure is the approach of using a virtual machine as a way of hosting a different operating system in a machine other than the original or installed operating system in the machine. It is also possible to run a specific OS on many systems using virtualization technique while the OS is originally running on a centralized server system only. The Virtualization technique of this fashion is a variant of the basic client-server model of computing and is generally adapted by the organizations to enable virtual OS systems in the organizational IT infrastructure without the client-server model in its original form.

This report focuses on the implementation of virtualization of computer systems in the Regional Gardens Ltd organization. The organizations operates through three different offices, which includes a garden that is open for public viewing couple of times every year, A Regional Garden’s Nursery which operates as a seller of plants, and Regional Garden Planners, which is a gardening consultation firm operating for the organization and provides consultation about gardening to the general public. The managerial board at Regional Gardens is seeking the option of adapting the virtualization technique as a way of allowing its old computers to run relatively new OS, and is also planning to adapt to a virtualization technique to ease the pressure on its data centre which is costing a lot in cooling mechanisms. The report will analyse the implementation plan of virtualization for the organization as well as assessing the advantages and disadvantages of it.

What is Virtualization?

Virtualization in the field of computing technology refers to the ability of a machine to run a virtual machine on it even though the machine is not installed on the system. Virtualization can be performed not just for the applications, but for Operating Systems, run time environment and hardware components as well.

Over time, most of the functions that computers perform have in some way benefited from virtualization (Kusnetzky 2011).

Desktop virtualization is the technique of providing a different desktop environment in a already running desktop environment without installing the virtualized environment physically on the system. On the physical device that is hosting the virtualization, this technique provides a in-between layer for the desktop environment and the application software programs running on it by providing a virtual desktop environment to run the applications. With the desktop environment virtualization, it is also possible to use virtual applications on the virtual desktop environment using virtualized applications. It is also possible to run the virtual OS in all the systems of an organization with the use of a centralized OS installed on the server, which makes it very easy to keep the backup of all the information as virtually all the employees are making use of the systems through a OS that is physically present on one device only which is well protected. In such a situation, if one virtualized system is lost or broken, it will be very easy to restore a new system with the same information as it had stored on it before, since all the information is actually stored on virtual data center and a virtual desktop environment that are hosted somewhere else physically.

Proposed Virtualization Technique and Infrastructure

Virtualization technique can be used with different variations of it such as by installing a virtual OS maker on the system itself or by a centralized virtualization model that works using remote systems. Regional Gardens Ltd organization has a staff of 150 people under its payroll with its operations spawned across three different offices and locations. As the company is wishing to make use of a virtualization for its data centre as well as for the old specification systems installed in company’s IT infrastructure, the company should rely on the services of remote desktop virtualization technique to provide the relatively new OS programs to its fleet of old computers.

Hardware virtualization offers several benefits, including consolidation of the infrastructure, ease of replication and relocation, normalization of systems and isolation of resources (Wolf & Halter 2005).

Infrastructure Virtualization
Infrastructure Virtualization

The remote virtualization technique for the computer systems of Regional Gardens Ltd will function as a client server model between the server hosting the OS originally and the computers systems which are relatively old in the organizational structure and are in need of virtualization to make use of new OS systems. In this infrastructure, the execution of different applications and OS features will take place on an OS system that is not installed on the individual systems, but will be installed physically on just the server system which is connected to the local clients using a remote connection mechanism. The interaction of the user with the applications running on the server system takes place through a remote virtual display that replicates the display of the server system on the local system of employees. In the environment of remote functioning, the data stored on the systems in only stored on the physically installed OS device which is the server and only the local hardware information are stored on the local machines. Due to this special properly, the IT infrastructure of the organization will get robustness and high reliability as the data stored is much more secure in this environment. The most common approach of implementing this kind of system architecture is by installing the OS on a server machine that is running hypervisor, and then host a number of different OS instances on the same server system to make use of them by local systems of employees working for Regional Gardens Ltd. This approach is known as the virtual desktop infrastructure technique and is generally abbreviated as VDI.

The remote virtualization technique to provide OS instances on the local computers using a OS instance installed on server side system is generally preferred in the following situations:

  • The virtualization technology is highly efficient in the organizations where the availability requirements for the OS systems are very high and the technical support is not readily available every time. This is true in cases of retail companies and the branch office environment. This is also true in case of Regional Gardens Ltd, and having the OS system installed on the server system only helps the company infrastructure reducing the cost of maintenance and fixing technical errors in individual systems.
  • The virtualization technique is also very helpful in situations where the high latency of the network reduces the performance and productivity of the general client-server module. In such cases, the remote desktop virtualization technique helps reducing the latency by using centralized system based on a variant of client-server model.
  • In the organizations, where the data must entertain the need of remote access as well as data security issues. Both aspects conflict with each other, but with the remote virtualization technique, the remote nature of services is retained while keeping all files stored on the centralized system only that ensures the high level of security.

As some devices in the Regional Gardens Ltd are running on operating systems other than windows, the virtualization technique will allow running a windows OS in such systems without having to install the OS in these systems physically. With the proper implementation of the virtualized technique, the employees can also work on the windows OS through their non-Windows tablets and Smartphones.

The remote virtualization technique for the OS virtualization is also a great way of sharing different kinds of resources in the organization. It will be difficult for the organization to provide every employee with a dedicated high-end specification computer or to replace the old computers with expensive modern technology computers.

In the organizational structure of Regional Gardens Ltd, the virtualization technique will help the company with the accommodation of legacy systems as well as enhancing the security of the entire system architecture.

Data Center Virtualization

The Regional Gardens Ltd has a data centre where all the data information related to the organization and its three different offices is stored. The organization is currently facing the issue of high costing for the cooling of the data centre. The objective is to get the cost low for the data centre maintenance and cooling by using the virtualization techniques. For this purpose, the data centre can make use of the a virtual data centre which appears to be present physically within the organization, but is actually stored in a cloud and is replicated on the Regional Gardens Ltd systems through the use of virtualization. The systems need to be connected to the network in order to use this data centre technique. As the data is basically stored in the cloud networks and there is no physical data stored on the industry systems, the maintenance and cooling expenses can be saved. For security and restore purposes, a continuous backup of the data centre can be produced by the IT department of the organization which will keep a latest copy of the data stored.

Given the state of virtual and cloud-based infrastructure, it’s almost impossible not to think about end-to-end data environments residing in abstract software layers atop physical infrastructure (Cole 2014).

Introducing cloud computing involves moving computing outside this firewall, in effect dismantling the firewall and enabling much richer collaboration with various stakeholders (Willcocks, Venters & Whitley 2013).

In this digital age of networking systems, a large pool of business entities is looking forward to the cloud networks as the ideal solution of handling the responsibility of a network system. There is a big trend of implementing the cloud based networks in the business organizations and a large number of organizations have already implemented such a system. Most of the businesses adapting to the cloud networks are the once which are in need of upgrading their outdated network systems. The cost-effectiveness and flexibility present in the cloud networks is making such networks the ideal solutions to the problem of implementing a new network system.

Cloud Computing is the paradigm where computing resources are available when needed, and you pay for their use in much the same way as for household utilities (Harding 2011).

The character of the internet forces cloud providers and application builders to compromise, often in the form of eventual consistency (Waschke 2012).

Cloud technology in networking helps the organizations in keeping the infrastructure for the future changes in the network as well as keeps the development and maintenance of the system cost-effective for the company. The planning of infrastructure is very simply in this technology and it is also a dynamic approach that makes it very easy to make scalable to develop the cloud applications, for data storage, etc. There are various type of could networks that can be implemented and these types include clouds like Public, private, hybrid network or the latest technology in this field, Community cloud.

All of the different networking technologies in the cloud services are significantly different from one another and have own advantages and disadvantages. Based on the advantages of each cloud technology, the Regional Gardens Ltd can decide which kind of cloud solution to implement on the network. As the organization is having a network of 150 employees and only these employees have the access to the system, a private cloud network virtualization will be suitable for the needs of Regional Gardens Ltd.

In the business organizations where privacy is a big concern, private cloud networks are mostly used to keep the access to the network limited to the staff members. Such a private cloud allows a business entity to host a specialized application on the cloud and it is also possible for the organization to focus on security concerns with this approach which is component missing in the public kind of networks. This kind of network is not shared among a large pool of people or with other organizations. Such kind of a network can be hosted internally or externally.

There are two different types of private network based on the configuration

  1. On-premise private cloud: This is a cost effective method of developing a private cloud network for the organization. The cost for this and the operational costs of such a model will then be attached with the IT department of the company as the network will essentially become responsibility of the IT department. On premise private cloud networks are highly suitable for the applications that are hosted within organizations and offer high level of control or configuration ability to the management as well as high security to the whole network.
  2. Third party private cloud: These are also known as the externally hosted private cloud networks. Such cloud networks are designed by a specialist firm functioning in the networking industry for the exclusive use of one company only. In such a case, the cloud services are organized by the help of a third party network solution which also hosts the service. The service provider then develops a network that is managed for the purpose of that specific organization only and it is also ensured that the network developed is highly secure for use in organizational scenario.

For Regional Gardens Ltd, as the organization is not having an IT department, hiring services of a third party cloud company will be highly beneficial and recommended to keep the cloud secure and functional. Implementation of a cloud based virtual data centre will reduce the cost of maintaining a physical data centre.

The advantages of Virtualization for Regional Gardens Ltd

In the IT infrastructure of the Regional Gardens Ltd, the virtualization technique will provide great benefits. Some of these advantages are listed below:

  • Consolidation: The technique of virtualization in the organization will reduce the workload on the non-efficient systems or the legacy systems by means of consolidation. The approach combines the workload of a number of machines on a single computer. Through the use of this technique, the employees can run more application on fewer hardware components. This is a cost-effective feature of virtualization in Regional Gardens Ltd as it does not require all systems to be of top-notch specification.
  • A full data centre: In the present infrastructure of the organization’s data centre, the data centre is almost full and cannot handle more workload or adding more computers. Additionally, the cooling and maintenance of data centers are also running on their full limits and are costing a lot as well. Virtualization makes it easy on the datacenter by allowing adding as many computers as required to the datacenter without physically combining them. Virtualization of cloud based data center is the perfect solution for the datacenters. In this manner, the data is stored on a cloud network and the maintenance and cooling cost is significantly reduced.
  • Hardware isolation: There are new hardware components coming out every other month with faster and better performance than the previously available components. However, shifting from one server hardware to another is a tough task and requires long configuration. There is also a risk that the new hardware component architecture may not work for the existing applications. In case of virtualized systems, this issue is not present as the systems are virtual and not physically present. Every machine in the network is actually replicating the server machine only hence, this issue is minimized heavily.
  • Legacy operating systems: Regional Gardens Ltd is also facing issue of the legacy systems in its IT infrastructure. The organization wants these legacy systems to run the modern operating system just like the rest of the computers in the company structure. However, it is not natively possible as the hardware specifications of legacy systems are not adequate to hold the modern OS. Using the virtualization, such legacy systems can make use of virtually installed modern OS which are actually physically installed on the server system. This process will allow Regional Gardens Ltd to make use of its legacy systems.

Disaster Recovery in Virtualized Infrastructure

In the virtualized technique of data centre and the company systems, the computers run an OS that is physically installed on the server machine only. All the information that is stored on any of the computers in the organization is actually stored on the server system only. This approach reduces the risk of losing data or information through the individual device or computer damage. However, at the same time, it increases the dependability of the organization on a single server machine which is actually virtually providing its own OS instances to different computers in the network as all the data is stored on this machine only.

As the data is stored on the server only, the organization becomes prone to disastrous situations if the server machine is compromised or damaged. To overcome from this issue and to perform a disaster recovery in the virtualized infrastructure, the organization must take out backups of the data stored in the server machine in a periodic manner. For maximum security and protection of data against a disaster situation, multiple instances of recovery backup files should be stored in locations which are not close in proximity. Storing one of the backup instances in a cloud network is also a good option for the organization.

By using the method of periodic backups, the organization can protect its virtualized systems against any kind of disaster. In case of a disaster, if the server loses all of its information stored, then the latest backup file can be used to restore information in the server system which will be replicated to all the other computers in the system as well. As the network is virtualized, there is no need to restore the backup for individual computers and only restoring it on the server system would be enough to gain back the same functionality.

Information Security Changes Required

Use of a virtual network where all the employees of the company who are working on different computes are actually working on the same server machine system, the security issues are to be entertained differently. In this system all the employees of the company are making use of the same server therefore there needs to be some security constraints regarding the information stored on the server. Some security changes required are listed below:

  • Using different OS instances: Instead of providing same OS instances to all the employees, the virtual server should run different OS instances for different computers.
  • Using employee user-accounts with set privileges: Every employee of the Regional Gardens Ltd should be given a separate OS account to login to the computer and each account should have its own access privileges based on the position of the employee in company.
  • Restricted access to stored files: The server system should have logics applies to restrict the access to the files created by other users. This approach will ensure that the information confidentiality is maintained even in the shared resource and storage scenario.
  • Encrypting the system: For added protection, the files stored on the system should be kept encrypted.

Conclusion

The Regional Gardens Ltd is facing issues like legacy systems in the organization and high cost of maintaining the datacenters which are getting used up to their highest limits. The idea suggested by the management to make use of virtualization technique in order to reduce the cost of cooling the datacenter as well as making use of legacy systems has been analyzed through different perspectives. The implementation of virtual systems in the company infrastructure will assist the origination in better managing its resources and legacy systems as well as reducing the cost of maintenance for datacenter.

The issues of information security and recovery processes are also discussed in the report and it is found that the mentioned approaches will not create an overhead on the organization.

References

Cole, A 2014, Is the Virtual Data Center Inevitable?, IT Business edge, viewed 15 May 2014.

Harding, C 2011, Cloud Computing for Business: The Open Group Guide, Van Haren Publishing.

Kusnetzky, D 2011, Virtualization: A Manager’s Guide, O’Reilly Media, Inc.

Portnoy, M 2012, Virtualization Essentials, John Wiley & Sons.

Waschke, M 2012, Cloud Standards: Agreements That Hold Together Clouds, Apress.

Willcocks, L, Venters, W & Whitley, E 2013, Moving to the Cloud Corporation: How to Face the Challenges and Harness the Potential of Cloud Computing, Palgrave Macmillan.

Wolf, C & Halter, E 2005, Virtualization: From the Desktop to the Enterprise, Apress.

Click Here To View Computing Dissertation Titles

Ecommerce Industry

Ecommerce Industry And Competitive Environment Study

Ecommerce is not a new name for any of us and at the pace it is growing, Ecommerce is certainly proving to be the new face of how we to do business today. Before going into the details of Ecommerce industry study and its competitive environment, let us briefly analyze initially what Ecommerce is?

Ecommerce also known as Electronic Commerce is referred to the selling, purchasing and exchanging of services and goods over computer networks and all sales terms and transactions are performed electronically. It is believed that Ecommerce is referred to business done via internet only, which is not true as even before introduction of the internet, business to business transactions took place electronically via Value Added Networks (VANs) and Electronic data Interchange (EDI).

Ecommerce can be parted in mainly four categories

  • Business to business (B2B)
  • Business to consumer (B2C)
  • Consumer to business (C2B)
  • Consumer to consumer (C2C)

B2B category refers to companies doing business together in form of manufacturers selling to wholesalers and distributors and then to other retailers. B2C business is the best known form where businesses sell directly to customers. Whether you require to purchase a diary, a dress, a book or a toy, everything is available very easily on the net in a wide variety. B2C being a popular form of Ecommerce will be the main topic which will be discussed in this paper. C2B is referred to people selling their services to companies. For example companies on a budget post their job requirement along with their budget on special websites on which potential service providers bid to perform the job. The company then selects from scrutinizing candidates. C2C is referred to direct consumer to consumer selling in bidding sites or on auction sites. Many websites today offer the facility to directly post ads by consumers for consumers. These sites serve as a mutual trading location for sellers and buyers.

There are also other forms of Ecommerce too such as Government to Government (G2G), Government to business (G2B), Government to Employees (G2E), Business to Government (B2G), Citizen to Government (C2G), Government to Citizen (G2C) and several other types of other Ecommerce classifications.

Historical Ecommerce Industry Overview

The very initial instances of Ecommerce appeared in the initial phase of the internet in 1970s when electronic transactions began taking place in business networks designed specifically to simplify and modernize certain processes of a business such as sending invoices and filling of orders by customers. Ecommerce however became popular when electronic transactions became possible and home computers became common. Businesses availed this opportunity and the early birds are among the highest profit reapers online today.

With a history dating back to a few decades only, the growth experienced in computing technology and networking is exponential and even with a slumping global economy, the sales related to online retailing has is ever increasing.

One prominent name in Ecommerce is Amazon.com which presented the first full scale model of Ecommerce business in 1995 after the World Wide Web was introduced in 1990 by Tim Berners-Lee. 1994 and 1995 were the years that initially saw third party services being introduced in online sales in form of credit card sales.

The next name prominent in Ecommerce history is eBay. As Amazon introduced to the world a common platform practicing B2C Ecommerce practices, eBay levelizing the concept proved that one is not required to be an established entrepreneur or an existing online business to sell goods online. eBay paved way for C2C type of Ecommerce. Today people can buy almost anything online from home goods to shoes, fitness products and even a real shark tooth and all this owed initially to Amazon and eBay who paved the base road for Ecommerce merchants of today.

Although Amazon and eBay are the biggest and famous names that arose as first examples of Ecommerce sites, however they were not the first. The first reported Ecommerce site that initiated the online transaction process was Netmarket, and was the first online retailer that conducted the first secure web retail transaction. The transaction took place on the 11th of August, 1994, where Netmarket sold a Sting CD copy of the Ten Summoner’s Tales. The transaction amounted to $12.48 exclusive of shipping. Similarly the first online bank that performed financial transaction online was on October, 1994 when the Stanford Federal Credit Union offered internet banking facilities to its customers.

Assessing Ecommerce Industry Based on Michael Porter 5 Forces

The model depicting the intensity of the five forces in terms of Ecommerce industry highlights the Rivalry and Buyer power in Red depicting higher levels of intensities compared to substitute threats in Orange.

five-forces-analysis-porter
five-forces-analysis-porter

Model 1 – Michael Porter 5 Forces Analysis of Ecommerce

Assessing Ecommerce on the five forces defined by Michael Porter namely degree of rivalry in an industry, threat of substitutes, barriers of entry, supplier bargaining power and buyer bargaining power allows us to better understand the underlying situations of the industry and accordingly a brief analysis of the industry in terms of the 5 forces is given below.

Rivalry in Ecommerce is great owing to several sellers or players in a single field competing against each other to attract more and more customers. Competition among Ecommerce site is fierce especially with regards to prices as even a small shift in price goes a long way in defining the sales of a particular site within the whole lot.

The threat of substitutes is also relatively higher in the Ecommerce industry owing to a million different players offering the same or somewhat same (substitute) form of goods and services. Since the web has in fact transformed the entire globe into one single market place, this makes availability of substitutes even greater as newer techniques are defined every day that can easily and effectively replace older one, thus turning the strength of a seller on a single day into his weakness on the other. Staying updated constantly and continuously is a prerequisite in Ecommerce industry.

There is literally no barrier of entry in Ecommerce industry. Barrier to entry formerly in brick and mortar industries was associated highly to expertise and capital which has transformed into the least of new entrants worries today. This however does not mean that everyone who enters the industry will get noticed too. In a particular sector of Ecommerce where an old player has invested in time and money along with required knowledge, skill and capability, entrance for new potential sellers is not an easy task. For example any business that has heavily invested in EDI and is using it, will automatically create a barrier for new entrants in the particular trade center. However conversely, owing to the advancements in technology, new ideas emerge every now and then paired with the fact that need to invest heavily in infrastructure is also eliminated, it becomes easy in several sectors of the industry to enter, for example online banking. Since physical buildings are not required, through using advanced internet technology paired with an excellent marketing plan a very unique and successful online banking service program can be initiated.

Bargaining power of suppliers is great in Ecommerce in sectors where relatively low number of suppliers exist such as specialty products. However since generally a lot of suppliers are available, supplier bargaining power is compromised. Every business would want the best bargains from its own suppliers and lot of competition between suppliers equals to reduced bargaining power and vice versa. Also if any supplier is not enabled electronically, automatically its bargaining is reduced.

Bargaining power of buyers is immense in Ecommerce industry owing to the need of keeping production and management costs as low as possible to stay profitable at maximum levels. Also in terms of competing with rivals, Ecommerce businesses require to be as efficient as possible. Also the bargaining power of buyers in any particular sector of Ecommerce is associated with two factors the supply of the product and the number of competitors in a market. With a larger competitor count, buyers bargaining power is at maximum and vice versa. Similarly a surplus in the supply of goods in the market leaves the buyers at a higher bargaining power position. Citing the present Ecommerce scenario, buyers are by far in a much higher bargaining power in a majority of Ecommerce sectors.

Ecommerce Supply Chain Model

Typically an Ecommerce site’s supply chain can be broken down into Customer’s Demands and Feedback, Research Team Proposals, Manufacturers/Suppliers, Ecommerce Business, Digital Financial Institutions, Shipping Companies, Consumer.

Ecommerce Supply Chain Model
Ecommerce Supply Chain Model

Model 1 – Ecommerce Supply Chain Model

Owing to the abundance of competition and the soul nature of Ecommerce industry as being closer and more aware of customer’s requirement, makes awareness of customer’s demands and receiving of feedback regarding product or service a prerequisite in many sites that operate online. Many of the top sites online follow the system of collecting feedback data from customers to device products accordingly to customer’s demands. Although there is a lot of other technological advancement and expert analysis going on in between the main players involved in the Ecommerce transactions as everyone wants to offer the best goods to customers in the easiest possible way however here we will be discussing the above mentioned cycle in particular. For a complex picture of the supply chain in Ecommerce industry refer to the Model 3 at the end of the report.

The normal transaction in an Ecommerce site starts from the manufacturer producing and presenting for sale a particular product that is designed according to present market demands. The products is then priced and presented online to be viewed by customers in the most appealing way that compels them to purchase it. One a purchase is done from a site; the next involved party is the financial institution that will take care of the transfer of funds from the purchaser to the seller. Finally when the customer is done with the buying experience from a site and receives the product, the last step is a feedback which every customer is asked to give regarding the experience and the product/service.

To particularly explain the buying experience of a consumer on Amazon, to better understand the working facet of Ecommerce sites, let us analyze a case study where a particular customer wishes to buy an iPod from Amazon.com. The very first step to shop online and benefit from eShopping facilities is to visit the Amazon.com site and search for the desired product (iPod in this case). The customer has three options to find products related to iPods purchase. Firstly he can find the iPod section on the main page of Amazon or search for it in the “shop all department” or simply visit the electronics category and find the iPod section. As soon as the customer reaches the iPod section, a wide choice of different types and makes of iPod will be available to choose and from them the customer can decide on the one that he wants. The customer will then select that product and add it to his shopping cart on Amazon. If the customer wishes to buy any other thing he can go for it before the payment options appear before him. Once the customer is done with his shopping, he will then proceed to checkout where he will have to go through the membership option if he is a new customer, whereas if he is not he will enter his email ID after which he will be giving all relative details including name, address, postal, etc.

After the shipping details are done with, the customer will then choose the shipping mode he prefers from the various different options provided by Amazon before moving on to the payment mode selection part. Amazon allows you to choose from whether you will be paying through your bank account, your credit card or through the Amazon.com store card. Next you can enter the promotion code for the product and after confirmation of the details being valid, the customer can finally once again confirm the order and the purchase is complete.

Manufacturers today are engaging more and more with their potential customers to offer them exactly what they want, as only those can compete in the industry that are fulfilling the demands of the customers. Knowing what a customer wants previously was associated to very few ways such as surveys, etc. Today however, finding out the preferences and demands of customers is easier as technology has enabled every business to reach out to its customers via social networks and direct online interactions. The supply chain of the Ecommerce industry has thus changed a lot as initially the manufacturer paid more attention on the emerging trends and produced products which were then sold to the customers and feedback was received. Today the supply chain starts and ends at the customers. Manufacturers today interact with potential customers to inquire and know more about their expectations and demands and then accordingly move on to the production phase.

One such example is Amazon itself which sores all data of the customer’s visit and the products they purchased, every comparison they made. Etc. Amazon literally stores in all information coming from every click of every visitor that visits the sites and through compiling these date along with the customer reviews, Amazon.com knows perfectly what a customer wants, prefers and demands.

Once this phase is completed, presentation of these products on the online site is the next place that is evolving through time. Initially sites that offered services or products for sale use to present simply the description of the product or a photo of it to its customers, however today technology has enabled Ecommerce sites to upgrade to phenomenal levels. Not only does these sites regularly upgrade what they present rather a very thorough description and closer to reality images of the product present the same feel and look that is offered in a brick and mortar store. Today you can investigate every corner of a product before purchasing it. In terms of prices, there are several sites that offer services in comparing what a site offers in contrast to others and based on features, effectiveness and price comparability one can easily choose the best service or products for themselves.

Next comes in the financial institutions that play a major role in transforming the Ecommerce industry today. Almost every bank operates online today offering online banking solutions. Ecommerce sites in order to facilitate customers offers a variety of online financial solutions to choose from. You can pay easily through credit cards, direct online transfers or also through online financial institutions such as PayPal. Every Ecommerce site offers a variety of payment options so that customers from the world over feel easy to purchase from that site.

In the past banks have been slow in introducing mobile banking payment options however today they too realize that it is the need of time and more and more banks are introducing mobile payment options. These options today are not only found in form of mobile banking apps but also non-banking players are moving in this area of providing NFC (Near field communication) services of payments to customers.

One latest example of NFC services incorporation with mobile payments is the Apple Pay. Recently Apple has announced its new payment feature, named Apple Pay, which is a NFC compatible system that will allow the iPhone 6 and 6 Plus users to make their payment at more than 200,000 US retail locations. Apple has also boosted up its security features addressing some of the top mobile payment concerns of the consumers. With this massive mobile payment option, the world of mobile wallet is expected to boom to new heights.

Mobile payments are not still very popular as at the end of 2013, according to a survey only 6% of adults in US claimed to have used a mobile payment option at the payment terminal however the percentage is expected to grow by 33% by the end of 2014. Mobile wallet adoption is at a high and the new millennial (individuals aged 18 to 34) are the top users of mobile wallets. The newly arising in-app crowd that is allowing a bypass payment terminal for users to make purchases via their phones is promising a fundamental change in how we pay in restaurants and bars making the whole process completely software driven.

Shipping companies or courier services are also a major part of the supply chain as the assuring processing of the goods to the customers in the shortest possible time effects the whole purchasing experience tremendously. Earlier on a few shipping options were present only and normally companies used to cater to local markets only, however today the scenario has changed completely. Companies today cater to international markets as well offering competitive ways to ship products to purchaser.

Lastly the process of receiving feedback which can also be termed as the initial part too is critical to the whole process as special research teams analyze the feedback and accordingly not only improve and enhance services and products but also the purchasing experience of the customer.

Through time as lot of change has been seen in this typical Ecommerce supply chain as earlier on the number of online financial solution providers was limited whereas today several different options are available. User interface has been improved tremendously owing to technological advancements and international shipping companies have made international shipping affordable and a pleasurable experience opposed to a few years ago.

Ecommerce Industry
Ecommerce Industry

Earlier on in Ecommerce scenario, the product was the main focus of attention for a buyer as they were more interested in the quality and price of the product, however with the increased competition online, a buyer can easily find today, the best product and prices and so the concern of customers has shifted considerably towards the best shipping and secure financial dealing options. The widespread of the internet has also conjured up a lot of fraudsters that are always after tricking people off their money and financial institutions to overcome this fear of shoppers regularly update and ensure safe and secure transactions of finance and related information. The margins of Ecommerce industry although do focus on the product and service however a shift towards secure financial options has been observed and the online financial institutions seem to be in a bliss of time currently in terms of earnings online.

Companies that offer secure financial transaction ability, diversity in product portfolio and a diverse selection of shipping options today are gaining that competitive edge over competitors. Owing to the same fact new payment options such as Apple pay or other forms of mobile payment will further revolutionize the online financial sector and the already blooming segment of Ecommerce industry is expected to see more enhancement and progress through introduction of more secure and easier payment options.

The supply chain network of Ecommerce industry is continuously showing shifts as initially the Ecommerce sites through a variety of low priced and competitive products were luring customers towards themselves and earning more money. However today with more and more easy mobile payments, big companies like Apple can reap benefits of the financial payment methods and sell their products easily to customers. Although sites that offer diverse products are the high earners today, the trend is definitely shifting.

View Ecommerce Dissertations Here

Cloud Computing

Impact of Cloud Computing on Federal Government

The exposure of cloud computing is being increased day by day. Each and every organization, whether it’s online or offline, is trying to induce the effective cloud computing due to countless number of reasons and benefits. The federal government of US is has also planned to incorporate the cloud computing services due to number of benefit such as the reduction of costs, relief to taxpayers, robustness, reliability etc. The first part of this paper talks about the term of cloud computing as it defines it through various perspectives. The second part of this paper talks about the architectures of cloud computing which have been developed and being utilized with the real world and further talks about these architectures briefly. The next part of this paper highlights the needs of federal government which urge for the development and deployment of cloud computing infrastructure. The upcoming part reflects the impacts of cloud computing on federal government along with the issues, risks and benefits after the implication. The next part talks about the models which have been developed for cloud computing and are being utilized by the federal government. The upcoming part of this paper talks about the issues and risks which are being faced by the government due to the implementation of cloud computing models. The upcoming parts talk about the accumulative advantages and disadvantages.

Introduction

Cloud computing is becoming more widespread in the IT industry. In fact, the demand for cloud computing services over the past few years has seen an enormous surge of investment in infrastructure and gained a reputation as a model with broad use. According to the National Institute of Standards and Technologies (NIST), cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. From an economic standpoint, cloud computing implementation benefits the federal government in several ways by: connecting its constituents more rapidly and efficiently, streamlining services and requests, making service more reliable, and providing significant expenditure savings.

What is Cloud Computing?

Cloud computing can be referred as an internet metaphor, the interconnected computers over internet in a diagram represents a cloud which further represents a network. In cloud computing the files are stored over the servers as they host these files and form a cloud by making those file available to countless servers and computers which are accessible over internet in web browser instead of desktop. (Miller, 2008, Ch. 1) The cloud computing makes the access to specific data effortless as the cloud formed by the hosted servers enables the user to access the file anywhere on any computer with the facility of internet as it just requires a web browser for this purpose.The cloud computing also enabled the users to work in collaboration in form of groups such as the group’s members can easily access the documents and programs without the barriers of location. The current technological situation has enabled every user to get involved in cloud computing for both the commercial and domestic purposes. There are countless programs which being utilized by individuals over internet without consent that they are using cloud computing, these applications consists Apple Mobile Me and Google calendar which are solely based over web. Apart from this, there are many online platforms which are offering the hosting and sharing facilities such website contribute to cloud computing. Picasa Web Album and Flicker are also an example of cloud computing where snaps are shared over the cloud and can be accessed anywhere in the world. One of the main reason for the implementation of cloud computing is that it offers faster, cost effective and flexible amalgam of technologies and involves various tools for its achievement. Cloud computing can be referred as a transformed model of computing where the operations and computation are carried out over the data somewhere on cloud. (Gillam, 2010 p. 3) The cloud can be referred as a center for data collection by third party. Cloud computing is referred to systems software, hardware which further include the applications which perform their services on internet. The cloud with the paid facilities for public is called public cloud.

Architecture of Cloud Computing

The architecture of cloud computing consist of specific design which is further based on software application, these application utilize on demand services and internet access (Gillam, 2010, p. 24) The architecture of cloud is an infrastructure which utilized its resources when they are asked to perform specific jobs, when the job is completed, these resources are relinquished after disposal. This architecture has enabled the cloud services to be utilized anywhere in the world using one cloud access point. The cloud services consist of platform, infrastructure and applications. The services which are provided by cloud work under real time environment over internet.

Cloud Computing Dissertations
Figure 1: Cloud Computing Architecture

Software as Service (SaaS)

Software as a service or SaaS platform works concurrently; these services use the single instances to support both the application and the object code along with the interaction with the database. This service deals with the number of concurrent client connections in real time environment by using the shared resources. SaaS uses Application Service Provider models. The service providers using models are NetSuit, SalesForce.com, Microsoft and IBM etc.

Platform as a Service (PaaS)

This service is meant for developers as it enables the developers to work on a platform for the provision cloud services by development, deployment, testing, and implementation of web based applications services. Through this, it has become very easy for developers to craft the applications for business purposes to be utilized over internet. The very reason behind the invention of PaaS system was to solve the problem of creation and maintenance of infrastructure so reduce the time consumptions. There are many key examples of PaaS which include Microsoft’s Azure, Google AppEngine and Heroku etc. PaaS provides the swift development of services and tools as compared to the traditional methods in quick manner.

Hardware as a Service (HaaS)

This service model has been developed for enterprise solutions as it allows the consumers to acquire the hardware license in direct manner. It allows the pay as you subscriptions services to cope with the needs of data centers. The entrepreneurs mostly lean towards this model as it alleviates the need of management and building of data centers.

Infrastructure-as-a-Service (IaaS)

Infrastructure as services is also referred as IaaS, the computer infrastructure with this approach is utilized as service. It not only provides the flexibility but also provides the intelligent usage based scheme of payment such as the consumers only pay when they grow. This also gives the satisfaction to consumers that they are utilizing up to date technology. The consumers can easily acquire the swift delivery time with this type of services. There are various companies which are based on infrastructure as service include Flexiscale, GoGrid, AppNexeus, Layered Technologies, Mosso, Joyent and Rackspace etc. The cloud modes further consists of further 3 parts which are private cloud, Public Cloud and Hybrid Cloud.

Virtualization

Virtualization is referred as a technology which couples the abstraction of operating system and hardware. The physical resources are abstracted with logical resources to reduce cost reduction, enhancement of flexibility, agility which in return enhances business values. In cloud computing, there are different types virtualizations such as storage, network, server virtualizations. The server virtualization can be referred as multiple logical partition or representation of single physical resources. The virtualized environment enables to shrunk, expand, move or create the computing environment dynamically accordingly to the underlying demands. This is the very reason due which the virtualization is incorporated into the infrastructure of dynamic cloud as it offers significant advantages regarding isolation, sharing and manageability. There exist numerous solutions which are introduced in market for the management of various solutions such as VMWare, VirtualBox, XEN, KVM and MVMM etc.

Need of Cloud Computing and Federal Government

The US Federal Government has intended to save billions by incorporating the new technology of cloud computing to information systems. The new system development was initiated by the US federal government in order to save billions under the expanses of government operation along with the impact reduction over data centers operating under government. The very reason behind this initiative is to get rid of business regarding data centers. Currently the US federal government is running approximately 1100 data centers. (Stair, Reynolds, 2011, p. 512) For this purpose, the government is intending to outsource the data centers to the cloud operators under SaaS infrastructure which would also be responsible for the consolidation of remaining confidential and sensitive data storing operations with the new cloud computing technology of virtualization. Through this process, the accomplishment will require very less number of servers. The government would be able to reduce greenhouse gases emission along with the reducing in spending by reducing the data centers to 90%.

The very first step for the implementation of clouding computing taken by the federal government was the introduction of an application store for the federal agencies. This application store www.apps.gov provided the links of essential business applications such as social media, productivity applications. These services are currently being provided by the PaaS, SaaS and IaaS vendors. These data centers are incorporated with the securities and service policies vetted by the government. These cloud services can enable the federal agencies to adopt and discover the services of cloud computing from this website for the development of their own system projects. A website www.infor.apps.gov has been introduced by General Services Administration (GSA) which has depicted the helping material which is responsible for the understanding development amongst agencies regarding the pros and cons related to cloud computing along with the discovery of useful applications. It is presumed that with the implication of cloud computing, the agencies would be able to save and reap the benefits of clouding computing by shifting their data from government data centers to cloud services. The data center project of government is being referred as the largest consolidation project by federal government. It depicts the trend of transformation of data from private and small data centers to big data centers such as Amazon, Google, Microsoft and many other vendors which are providing cloud computing services abiding by the government compliance and regulations.

Impact of Cloud Computer on Federal Government

According to analysts, the current economic situation and has badly impacted the financial situation of government and to minimize this stress, it is being urged to adopt the cloud computing first at government sector. It is fact that the new technology of cloud computing provides the financial rebates along with the lower energy consumption and higher utilization for the provision of availability of applications. Due to the availability of countless benefits of cloud computing, many organizations are eagerly willing to adopt this technology with intention to face the challenges related with it. Due to the tight budgets of governments, it has become mandatory to adopt the new technology of cloud computing as it is very cost effective methods of inducing new technologies into government. It is presumed that the shifting of government information systems to cloud computing would significantly aid the government for server management and also emphasize the critical technology in government agencies. The cloud computing technology enables the organizations to focus over the core business technologies. The impact of cloud computing, under the context of budget, is really eye opening on US federal government information systems.

The analyst firm from public sector has estimated that the investment by the federal government in IT sector would significantly increase at the annual rate of 3.5% which would further reach to $90 billion in 2014. Besides this, it is estimated that the growth with the implementation and deployment of cloud computing will boost the growth and it would be estimated 30% annually under the same time frame. The analyst firm further revealed that the investment by federal government over cloud computing services will be triple in upcoming five years. (Sobh, 2010, p. 8) This calculation has given an estimation that the federal government would need to invest approximately 1 billion for services offered by cloud computing. The market analyst has depicted that the cloud computing portrays the basic reconsideration of investment in IT sector. Furthermore, 40% compound annual growth rate has been depicted by market analysis for federal sector spending for cloud computing.

Current Cloud Computing Models in Federal Government

Computing clouds are based on deployment models and services (Sosinsky, 2011, p. 5). The deployment models refer to the management and location of infrastructure of cloud while the services models enable the provision of various services over the platform of cloud computing.

NIST Model

The major customer of computer resources is United States government and hence included in the significant users of cloud computing environments. The national institute of standards and technology (NIST) has defined the definition of working which further distinguish the deployment and services models of cloud computing. The model developed by the NIST did not ask for pool of virtual resources neither it falls under the definition of multi-tenancy. According to the latest definition of cloud computing by NIST, it is stated that the cloud computing networks support both the multi-tenancy and virtualization at the same time. The cloud computing is being renovated to architectures which are based on services and it is expected that the NIST may include those features in future in its model as well.

The Cloud Cube Model

The cloud cube model is maintained by an open group which is named as Jericho forum, the main focus of this group the security concerns of cloud computing networks. The interesting model invented by this groups categorizes the network into four dimensions which are physical location of the data, ownership, security boundary and sourcing.

Deployment Models

A deployment model mainly defines the core purpose for the creation of a cloud along with its nature and location. There are four deployment models which are further defined by NIST which are public cloud, private cloud, hybrid cloud and community cloud. The infrastructure of public cloud is openly available to public usage and is run by the cloud service selling organizations. The private cloud infrastructure refers to the cloud being utilized for specific organization of government agency. The private clouds are operated, managed and maintained by third party or organization itself. The hybrid cloud consists of all public, private and community clouds as a single unit with boundaries between them. A community cloud is referred as a cloud where it serves or performs the common purpose or function.

Service Models

The deployment models refer to the deployment of infra structure, since the cloud services provided by the different vendors have some addition of subtraction of additional services. For this type of services, service models are defined. The service models are defined as something as a service such as infrastructure as service (IaaS), platform as service (PaaS) and software as service (SaaS) which already defined above in this paper.

Issues Regarding Implementation and Deployment of Cloud Computing to Federal Government

Cloud computing paves both the negative and positive impacts such as the security of information can be increased or decreased in federal agency systems. The vigorous security benefits incorporate the latest technology named virtualization for faster development of security patches such as the scalability of economics which includes the cost reduction from threats. (Wilshusen, 2010, p.2) The risk is based over the assurance provided by the vendor and dependency upon the security measures as well. Furthermore it is also concerned with the computer resources sharing. The intensity of the risk may also be found varying as it also depends upon the deployment model. The implementation of private clouds into the federal government also bears the risks of low intensity. However, to address the security issues, a thorough examination is mandatory regarding the security controls before the implementation of cloud computing at place. Federal government is giving its hectic efforts to address the security issues related information systems for cloud computing. The very reason which preventing these efforts is lack of guidance due which all efforts have become vague and incomplete. Many federal government agencies have incorporated specific security measures according to their needs but there is not generic guidance has been developed. For instance, there are nearly nine federal government agencies which have undergone the agreement of cloud computing with vendors having the approved procedures and policies. Many federal agencies have also pointed out the issues and challenges which are being faced by already defined security guidance along with the implementation process. It also includes the concerns regarding the compliance of cloud computing service vendors with the information system security policies and requirements and the distribution of obligations between vendor and customers.

However, there are many organizations which have initiated the security measures regarding cloud computing which are General Services Administration (GSA), Office of Management and Budget (OMB). OMB has started the strategies for cloud computing which were under process, during this process GSA has started its own strategies for the procurement of cloud computing and undergone countless challenges. On the other hand, NIST has also induced its efforts for information security concerns for cloud computing but still it has not promulgated the security guidance for cloud computing security. It is comprehended that if the agencies remain unable to develop the authentic and effective security guidance, it might become impossible to implement significant security controls for cloud computing applications.

Advantages of Cloud Computing

There are countless advantages which are associated with cloud computing consist of up time, scalability, cost, convenience along with environment can be referred as few major beneficial constraints (Kozloff, 2010, p. 7).

Convenience

The federal government can easily limit the expanses by adopting the cloud computing environment in a convenient way as it offers the mature infra structure where the federal government would not be worried about the delivery of electricity or power. The services are provided on demand, which makes the acquisition of information or data convenience as it reduces and balances the load significantly. So, the data shifted to cloud computing can be acquired from any communicating device.

Cost

One of the major advantage which is associated with cloud computing is the cost effectiveness. It is misunderstood by many consumers that the cloud computing services are only available to federal agencies due to heavy costs and expense. But, in fact, the cloud computing services are much affordable and come with the structured price plan. It is also a fact that cloud computing cannot be considered as the cheapest solution but it still saves the consumer from overrun costs. Hence federal government has introduced the cloud computing to prevent the overrun costs annually.

Reliability

The federal government, with the implementation of cloud computing, can easily alleviate the need of data centers. These services are offered by the data centers having specialization in software, personal management along with the hardware setup. These data centers further accommodate frequent update and upgrade of both the operating software and underlying hardware. Cloud computing is referred as mirror such as the consumer can reach it from anywhere in the world without having any problem regarding location while the data is placed on another location. This phenomenon gives the federal government regarding the reliability of sensitive information and data as it would be able to keep the location of cloud secret while it would be accessible by federal departments.

Scalability

One of the major advantage which is favored by the federal government for the deployment of cloud computing is its scalability. It means that according to the governmental changing demands, the cloud computing environment can be extended or shrunken according to changing needs.

The Environment

The virtualization technology under cloud computing has made its application of flexible due to limiting the utilization of resources during work. The virtualization has enhanced the performance of cloud computing by just making several images of single physical server to allow it work simultaneously. This type of environment has saved the federal government from the waste of many both internal and external useful resources.

Disadvantages

There are several potential risks and issues are associated with the cloud computing which consists of security, privacy, network and internet dependency, service quality etc.

Security

One of the major concern which is being analyzed seriously is the security issue with cloud computing. Apart from federal government departments, there many organizations which percept that they can control the flow of data by keeping the data centers under lock and key on premises this would ensure them the low levels of data leakage outside of that organization. But it cannot happen like this as high levels of expertise, skills and equipment are required to ensure the security measures which are very expansive. This is the very reason which hurdles the implementation of cloud computing. One of the main reasons is that the security guidance regard cloud computing in federal government is vague and incomplete due which it makes it inefficient for the deployment. However, many agencies and organization have sorted out and created their own security guidance and policies but they are not generalized hence cannot be utilized with other departments. However, the datacenters are equipped with the hardware and software layers with the proper protection to prevent the data theft along with the network attacks.

Privacy

The federal government agencies would never tolerate the issue with privacy and they would not even tolerate the server management at different locations. For such cases, the regulation of data storage compliance is ensured as Health Insurance Portability and Accountability Act (HIPPA) and Sarbanes-Oxley Act (SOX). For this purpose, federal government needs the regulations for the retention of data along with the varying needs. However, the implementation of private cloud can easily alleviate this issue along with the proper compliance of regulations.

Internet and Network dependency

The internet is considered the crucial part for cloud computing services as without internet connectivity, it would be impossible to communicate with the data centers at other locations. However, VPN can solve the problem of connectivity to data centers with the security and reliability.

Conclusion

To conclude, the cloud computing is no doubt a lucrative approach for the implementation and deployment of cost effective datacenter for federal government. Cloud computing have opened the chances for federal government to reduce the expenditures which are incurred for the creations, development, implementation and maintenance of own data centers. The cloud computing provides the virtual environment which ensures the robustness, reliability and assurance of data delivery under the specific constraints. The initial deployment of cloud computing has significantly paved its impacts on the performance and transportation of data. The cloud computing is based on architectures which are based on platform, hardware and software. However, federal government has provided the tools to all agencies to incorporate them and produce the cloud computing applications according to their needs. Agencies are free to use the architecture of their own choice or they may also develop one according to their standards or needs. Virtualization is another technology which falls under the cloud computing. The federal government strictly intending to deploy the virtualization technology, one of the major issues which are preventing the deployment of cloud computing is the guidance regarding security measures. NIST and other departments are failed to provide the appropriate security guidance for the progress is pending and efforts are incomplete. But, no doubt, the implementation of cloud computing in federal government would save the taxpayers and billions of annual expenditure of government.

References

Antonopoulos, Nick, & Lee G. (2010). Cloud Computing: Principles, Systems and Applications. London: Springer.

Kazloff J. (2010), Cloud Computing for Learning and Performance Professional: Infoline, NY: American Society for Training and Development.

Miller, M. (2009). Cloud computing: Web-based applications that change the way you work and collaborate online. London: Que Publishing.

Stair, Ralph M. & George R.(2012). Principles of Information Systems. Boston, MA: Course Technology, Cengage Learning.

Sobh, Tarek M., and Khaled E. (2010). Innovations in Computing Sciences and Software Engineering. Dordrecht: Springer.

Sosinsky, A (2011) Cloud Computing Bible. Indianapolis, IN: Wiley.

Wilshusen, G.(2010). Information Security: Federal Guidance Needed to Address Control Issues with Implementing Cloud Computing. New York: DIANE.

Click Here To View Computing Dissertations

Females Computing Industry

An Investigation into the Decline of Female Participation within the Computing Industry (2015)

View This Dissertation Here

In today’s modern world, gender equality is battled for and we strive to ensure the sex of a person in no way obstructs their aims and goals in life. Wages for men and women are on their way to being equal, sexist behaviour is frowned upon and no longer do we live by the stereotypical nature that a man earns the living and the woman makes a home. So why, in this apparently modernized world, do women still remain the minority in STEM based subjects such as, mathematics, science and computing. In a world where more females attend university than males, women still continue to only make up a disproportionately small segment of Computer Science majors. Many factors have been attributed towards the shocking decrease in both women achieving degrees in Computer Science subjects and then continuing to work in those Computer Science subject areas; lack of female role models, gender stereotypes, peer pressure and general lack of interest in the STEM subjects.

Females Computing Industry
Females Computing Industry

The aim of this project is to gain a deeper understanding into why women still steer away from working in Computing. How the idea that a women is incapable of achieving in a Computer Science subject is seen as normal and socially acceptable in the 21st century. To actually listen to women and their experiences of how they were influenced into choosing their career path/degree specialism. To gain a better understanding to why a social stigma still revolves around Computing and why this continues to disenchant females.

The report consists of a background into the research area, primarily focusing on literature review of other similar studies, including specific studies into girls and computing. The different forms of methodology intended to be used to gain more knowledge about girls who study STEM subjects such as interviews, surveys etc. and then how this data will be analysed and then linked with previous studies and research, to show common themes and areas of importance.

The aim of this dissertation project is to build a greater understanding into why this fear of going into the industry still remains strong. Why it still remains normal to go into an A Level ICT class and expect to see a large amount of boys with a scattering of girls to balance it out. To not only understand from females why they either chose to pursue a STEM subject or decided another path in their lives, but to also see the other side, why males feel their female counterparts feel disillusioned towards the degree subject.

View This Dissertation Here