Ramgopal Subramani VP – Engineering Perfios Software Lets Manage Money Better 1
On On-dem demand and self lf-se servic rvice e Ub Ubiq iquit uitous ous network rk access ss Locatio ion n in indepen penden dent t resource rce pooli ling Rapid id ela lastici icity ty Pay per r use 2
3
4
5
Infrastructure Cost $ You just lost Large customers Capital Expenditure Predicted Demand Opportunity Traditional Cost Hardware Actual Demand Automated Virtualization time 6
Design Considerations 7
Business Team Money IT Management Application Support Manage Maintain 8
2005 1902 1970 Vs. 9
IPL 6 Daily stock Income Tax eFiling analysis by large retailer Large processing Seasonality of Animation Movie Christmas Sale cycles Usage required Algorithmic Trading Large volume of data to be processed Video surveillance Amazon Suggestions Call Detail Records 10
Operational Other Considerations Management Functionality that Auditability & does not require Forensics of Job user intervention No trailing Data Data should be Footprint transient Diagnostics Persisted Cost Per Instance 11
Design Considerations 12
Will confidentiality of my data be maintained 1 1 = 2 + Will my data be tamper-proof Will my data be safe and not accessible to anyone Will my data be isolated Will my data be protected by law and contractually binding 13
• Application Data • Auditability Security • Portability & • Key Management Interoperability • Identity & Access Management Operations Reporting 14
IAAS PAAS SAAS Data in Transit Data at Rest Access Control 3 rd Party API provide access control Data Lineage Data Bread Crumbs 3 rd Party API provide Provider to be audited data trail control for data trail control mechanism mechanism Data remanence Purge all transient 3 rd Party API provide Provider to be audited data data purge for data purge 15
Payment Application Bank/Credit Gateway Card Payment Payment Medium Page Page Selection User er Ident entity ty Available Uniq ique ue Perfios Transaction Id Gateway Transaction Id Ident entifi fier Resp spon onse Gateway Transaction Id Gateway Transaction Id Identi entifi fier Perfios Transaction Id Resp spon onse e Name, Amount, Bank Ref# Bank Ref#, Bank Detail, Data ta Amount No Account or Card Detail shared with Payment Gateway 16
Design Considerations 17
Where is the data/sensitive data being stored ? Who all have access to the data? What is Data Jurisdiction? What Standards are being adhered to? 18
• Information • ISO 27001 Lifecycle • PCI DSS Management • SAS 70 • Compliance • HIPAA, GLBA, SOX Governance Standards Source:- www.cloudsecurityalliance.org Deployment Model 19
Design Considerations 20
DC In Infrastruc astructure ture Cloud Infras astru tructure cture Availability Zone Database Failure Region Failure Cloud Provider Failure Web/App Server Failure Load Balancer Failure DNS Failure 21
Build for Server ver Failur ure Setup Auto-scaling • Database Mirroring • Dynamic DNS • Elastic Load Balancer • Build for Z Zone ne Failure re Spread across multiple Availability Zone • Replicate data across zone • OR Build for Regi gion on Failure re Spread across multiple Geographical regions • Replicate data across regions • Build for C Cloud Provider der Failur ure 22
On-Demand Scalability High High High Data Security High High Low Compliance High Low High High Availability High Low High 23
IAAS PAAS SAAS Extent of High Medium Low Control Data Auditing Highly Granular Framework Low ability dependent Compliance Implement Framework Reporting Support dependent 24
Cloud brings an complete extra layer of complexity in your design Cloud has to be rightly leveraged Identify components that can scaled on-demand Cloud can scatter your data Remember to track your data Leave no data foot print behind Your compliance requirements should determine your deployment model Cloud can also fail Choose your right availability strategy High availability also means high cost Portability across Provider is non-trivial exercise 25
For more details: Ramgopal gopal Su Subr bramani mani ramgopal@perfios. mgopal@perfios.com com www.perfio w.perfios. s.com com 26
Recommend
More recommend
