Webservice Spring WS-Security

My previous blog I explain some SOA concept. Now  In this blog I am jumping to some practical and explaining how to setup some basic web services with Spring framework and how to implement some security with web Services. To run this example  you need JDK 1.5+ and spring framework 3.0+

I created some basic configuration. Here are list.
1. applicationContext-service.xml -- It has some basic configuration of web service in spring
2. HelloWorldWS.java -- This class is exposing webservice
3. HelloWorldServiceHandler.java -- This class is monitoring incoming request and outgoing message. Here we implement WS-security.
4. HelloWorldManager.java -- This class  is interface for business implementation.
5. HelloWorldManagerImpl.java -- This class has business implementation.

Now lets start how I implemented this web service. here are codes.

1. applicationContext-service.xml --

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

       xmlns:wss="http://jax-ws.dev.java.net/spring/servlet"

       xmlns:ws="http://jax-ws.dev.java.net/spring/core"

       xsi:schemaLocation="http://www.springframework.org/schema/beans

            http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

            http://jax-ws.dev.java.net/spring/core

            http://jax-ws.dev.java.net/spring/core.xsd

            http://jax-ws.dev.java.net/spring/servlet

            http://jax-ws.dev.java.net/spring/servlet.xsd">

    <bean id="constantMap" class="java.util.HashMap" />

    <ws:service id="SOAPservice" bean="#helloWorldWS">

            <ws:handlers>

                <ref bean="helloWorldHandler" />

            </ws:handlers>

        </ws:service>

        <wss:bindings id="jaxWs">

            <wss:bindings>

                <wss:binding url="/webservices/HelloWorldService">

                    <wss:service>

                        <ref bean="SOAPservice"/>

                    </wss:service>

                </wss:binding>

            </wss:bindings>

        </wss:bindings>

        <bean id="helloWorldHandler" class="com.worldofsoa.service.handler.HelloWorldServiceHandler">

            <property name="constantMap" ref="constantMap" />

        </bean>

        <!-- Injecting DAO Object -->

        <bean id="helloWorldManager">

            <property name="target">

             <bean class="com.worldofsoa.service.impl.HelloWorldManagerImpl">

                <property name="userDAO"><ref bean="userDAO"/></property>

             </bean>

            </property>

        </bean>

        <bean id="helloWorldWS" class="com.worldofsoa.service.impl.HelloWorldWS">

            <property name="helloWorldManager"><ref bean="helloWorldManager"/></property>

    </bean>

  </beans>

2. HelloWorldWS.java

package com.worldofsoa.service;

import javax.annotation.Resource;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
import javax.xml.ws.WebServiceContext;

import com.worldofsoa.service.HelloWorldManager;

import com.worldofsoa.xml.schema.PeopleInfoRequest;
import com.worldofsoa.xml.schema.PeopleInfoResponse;

@WebService (targetNamespace="http://www.worldofsoa.com/helloWorldService",serviceName = "HelloWorldService")
@SOAPBinding(style=SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL, parameterStyle=SOAPBinding.ParameterStyle.WRAPPED)
public class HelloWorldWS {

    private HelloWorldManager helloWorldManager;

     @Resource
        WebServiceContext context;

    @WebMethod(exclude=true)
    public void setHelloWorldManager(HelloWorldManager helloWorldManager) {
        this.helloWorldManager = helloWorldManager;
    }

    @WebMethod(operationName = "getPeopleInfo")
    @WebResult(name = "PeopleInfo", partName = "PeopleInfo")
    public PeopleInfoResponse getPeopleInfo(@WebParam(name = "PeopleInfoRequest", partName = "PeopleInfoRequest",targetNamespace="http://www.worldofsoa.com/helloWorldService") PeopleInfoRequest peopleInfoRequest) throws Exception {
        return helloWorldManager.getPeopleInfo(peopleInfoRequest);
    }

}

3. HelloWorldServiceHandler.java

package com.worldofsoa.service.handler;

import java.io.ByteArrayOutputStream;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

import javax.xml.namespace.QName;
import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPEnvelope;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPMessage;
import javax.xml.soap.SOAPPart;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import javax.xml.soap.Name;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

public class HelloWorldServiceHandler implements SOAPHandler<SOAPMessageContext> {

    private static final Log log = LogFactory.getLog(HelloWorldServiceHandler.class);

    /** The Constant USERNAME_TOKEN_STRING. */
    private static final String USERNAME_TOKEN_STRING = "UsernameToken";

    /** The Constant USERNAME_STRING. */
    private static final String USERNAME_STRING = "Username";


    /** The Constant PASSWORD_STRING. */
    private static final String PASSWORD_STRING = "Password";

    private Map<String, String> constantMap;

    public Set<QName> getHeaders() {
        return null;
    }

    public void close(MessageContext context) {
    }

    public boolean handleFault(SOAPMessageContext context) {

        logToSystemOut(context);
        return true;
    }

    public boolean handleMessage(SOAPMessageContext context) {
        Boolean outboundProperty = (Boolean) context
                .get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
        boolean isSoapRequestHandle = false;

        if (outboundProperty.booleanValue()) {
            isSoapRequestHandle = true;

            /* ************************************************************************
             *    If you are manupulating outgoing header then you need to add this code
             *
             **************************************************************************
             * try { SOAPMessage message = context.getMessage();
             *
             * SOAPPart sp = message.getSOAPPart();
             *
             * SOAPEnvelope envelope = sp.getEnvelope();
             *
             * SOAPHeader header = envelope.addHeader();
             *
             * SOAPElement security = header.addChildElement("Security", "wsse",
             * "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
             * );
             *
             * SOAPElement usernameToken =
             * security.addChildElement("UsernameToken", "wsse");
             * usernameToken.addAttribute(new QName("xmlns:wsu"),
             * "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
             * );
             *
             * SOAPElement username = usernameToken.addChildElement("Username",
             * "wsse"); username.addTextNode("TestUser");
             *
             * SOAPElement password = usernameToken.addChildElement("Password",
             * "wsse"); password.setAttribute("Type",
             * "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"
             * ); password.addTextNode("TestPassword");
             *
             * //Print out the outbound SOAP message to System.out
             * message.writeTo(System.out); System.out.println("");
             *
             *
             *
             * }catch (Exception e) { e.printStackTrace();
             *
             * }
             */
        } else {
            try {

                SOAPMessage message = context.getMessage();
                SOAPPart sp = message.getSOAPPart();

                SOAPEnvelope envelope = sp.getEnvelope();

                SOAPHeader sh = envelope.getHeader();
                isSoapRequestHandle = processSOAPHeader(sh);

                message.writeTo(System.out);
                System.out.println("");

                if (!isSoapRequestHandle) {

                    SOAPElement errorMessage = sh.addChildElement(
                            "errorMessage", "error",
                            "http://worldofsoa.com/helloService/error");
                    SOAPElement error = errorMessage.addChildElement("error");
                    error.addTextNode("Authentication Failed !!!");

                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }

        logToSystemOut(context);
        return isSoapRequestHandle;
    }

    private void logToSystemOut(SOAPMessageContext smc) {
        Boolean outboundProperty = (Boolean) smc
                .get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);

        if (outboundProperty.booleanValue()) {
            log.debug("\nOutgoing message:");
        } else {
            log.debug("\nIncoming message:");
        }

        SOAPMessage message = smc.getMessage();
        try {
            log.debug(handleRequestAndResponse(message));
        } catch (Exception e) {
            System.out.println("Exception in handler: " + e);
        }
    }

    private String handleRequestAndResponse(SOAPMessage msg) {
        ByteArrayOutputStream obj = new ByteArrayOutputStream();
        try {
            msg.writeTo(obj);
            return obj.toString();
        } catch (Exception ex) {
            obj = null;
            ex.printStackTrace();
        }
        return "";
    }


    private boolean processSOAPHeader(SOAPHeader sh) {
        boolean authenticated = false;

        // look for authentication header element inside the HEADER block
        Iterator childElems = sh.getChildElements();
        SOAPElement child = extractUserNameInfo(childElems);
        if (child != null) {
            // call method to perform authentication
            authenticated = authenticateRequest(child);
        }
        return authenticated;
    }

    private SOAPElement extractUserNameInfo(Iterator childElems) {
        SOAPElement child = null;
        Name sName;
        // iterate through child elements
        while (childElems.hasNext()) {
            Object elem = childElems.next();

            if (elem instanceof SOAPElement) {
                // Get child element and its name
                child = (SOAPElement) elem;
                sName = child.getElementName();
                // Check whether there is a UserNameToken element
                if (!USERNAME_TOKEN_STRING.equalsIgnoreCase(sName
                        .getLocalName())) {

                    if (child.getChildElements().hasNext()) { // TODO check
                                                                // logic
                        return extractUserNameInfo(child.getChildElements());
                    }
                }
            }
        }

        return child;
    }

    private boolean authenticateRequest(SOAPElement element) {

        boolean authenticated = false;

        // variable for user name and password
        String userName = null;
        String password = null;
        Name sName;

        // get an iterator on child elements of SOAP element
        Iterator childElems = element.getChildElements();

        SOAPElement child;
        // loop through child elements

        while (childElems.hasNext()) {
            // get next child element
            Object elem = childElems.next();

            if (elem instanceof SOAPElement) {
                child = (SOAPElement) elem;

                // get the name of SOAP element
                sName = child.getElementName();

                // get the value of username element
                if (USERNAME_STRING.equalsIgnoreCase(sName.getLocalName())) {
                    userName = child.getValue();
                } else if (PASSWORD_STRING.equalsIgnoreCase(sName
                        .getLocalName())) {
                    // get the value of password element
                    password = child.getValue();
                }

                if (userName != null && password != null) {

                    // ClientLoginModule.login("WEBSERVICE" + "^" + userName,
                    // password);
                    // return true;

                    authenticated = getUserAuth(userName, password);

                    break;
                }

            }
        }

        if (userName == null || password == null) {
            log.warn("Username or password is empty. userName : [" + userName
                    + "], password : [" + password + "]");
        }

        return authenticated;

    }

    public Map<String, String> getConstantMap() {
        return constantMap;
    }

    public void setConstantMap(Map<String, String> constantMap) {
        this.constantMap = constantMap;
    }

    private boolean getUserAuth(String username, String password) {

        //Constant Map populated with database information
        String dbUserId = (String) constantMap.get("useIdFormDatabase");
        String dbPassword = (String) constantMap
                .get("passwordFormDatabase");

        if (dbUserId.equalsIgnoreCase(username) && dbPassword.equals(password)) {
            return true;
        }

        return false;
    }
}

4. HelloWorldManager.java --


package com.worldofsoa.service;


import com.worldofsoa.xml.schema.PeopleInfoRequest;
import com.worldofsoa.xml.schema.PeopleInfoResponse;

public interface HelloWorldManager {

    public PeopleInfoResponse getPeopleInfo(PeopleInfoRequest peopleInfoRequest) throws Exception;

}

5. HelloWorldManagerImpl.java --

package com.worldofsoa.service.impl;


import java.math.BigDecimal;
import java.math.BigInteger;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.xml.datatype.DatatypeConfigurationException;
import javax.xml.datatype.DatatypeConstants;
import javax.xml.datatype.DatatypeFactory;
import javax.xml.datatype.XMLGregorianCalendar;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.jdbc.support.incrementer.DataFieldMaxValueIncrementer;

import com.worldofsoa.dao.UserDAO;
import com.worldofsoa.model.PeopleVO;
import com.worldofsoa.service.HelloWorldManager;

import com.worldofsoa.xml.schema.ObjectFactory;
import com.worldofsoa.xml.schema.Person;
import com.worldofsoa.xml.schema.PeopleInfoRequest;
import com.worldofsoa.xml.schema.PeopleInfoResponse;



public class HelloWorldManagerImpl implements HelloWorldManager {


    private UserDAO userDAO;




    public PeopleInfoResponse getPeopleInfo(PeopleInfoRequest peopleInfoRequest) throws Exception {

        ObjectFactory factory = new ObjectFactory();
        PeopleInfoResponse peopleInfoResponse = factory.createPeopleInfoResponse();

        PeopleVO peopleVO = new PeopleVO();
        peopleVO.setPeopleId(peopleInfoRequest.getPeopleId());

        peopleVO = userDAO.getPeopleInfo(peopleVO);

        Person person = factory.createPerson();

        person.setFirstName(peopleVO.getFirstName());
        person.setLastName(peopleVO.getLastName());
        person.setType(peopleVO.getPeopleType());
        person.setCreateDate(getXmlDate(peopleVO.getCreateDate()));

        peopleInfoResponse.setPerson(person);

        peopleInfoResponse.setMessage(SUCCESS_MESSAGE);
        peopleInfoResponse.setSuccess(true);

        return peopleInfoResponse;

    }

    private XMLGregorianCalendar getXmlDate(Date date) {
        try {
            GregorianCalendar cal = new GregorianCalendar();
            cal.setTime(date);
            XMLGregorianCalendar gc = DatatypeFactory.newInstance().newXMLGregorianCalendar(cal);
            gc.setTimezone(DatatypeConstants.FIELD_UNDEFINED);
            gc.setTime(DatatypeConstants.FIELD_UNDEFINED,
                    DatatypeConstants.FIELD_UNDEFINED,
                    DatatypeConstants.FIELD_UNDEFINED);
            return gc;
        } catch (DatatypeConfigurationException e) {
            log.warn("Cannot format expxiration date: " + date);
            return null;
        }catch(Exception ex){
            log.warn("Cannot format expxiration date: " + ex);
            return null;
        }
    }

    public void setUserDAO(UserDAO userDAO) {
        this.userDAO = userDAO;
    }

}

Cloud Security

Now most of the company wants to embrace cloud computing but security is one of the main concern for these companies. Still CEO or CTO of the companies are feeling uncomfortable to use cloud computing. As an Architect, I also feel this is the one of the main area that cloud based application should focus. According to Gartner, There are seven risk factors for cloud computing.

1. Privileged user access
2. Regulatory compliance
3. Data location
4. Data segregation
5. Recovery
6. Investigative support
7. Long-term viability

There are different levels of risk for different type of cloud. Public cloud is front runner in risk among all other types of cloud.
In top of these risks still companies are thinking about cloud implementation in their organization. Companies are saying, risk is everywhere and you should mitigate these risks or overcome these risks.
Cloud is on demand service by provider to consumer, so there should be good understanding of cloud security between provider and consumer like good service level agreement and contract requirement between provider and consumer.
Here are few points to mitigate risks on cloud.

1. Secure logon – In cloud make sure every user has unique user id with proper authorization on cloud. It should be managed properly and it should access directory structure to provide access control.


2. Encrypted data – When you are accessing data on cloud particularly SAAS on public cloud, data should be properly encrypted and it should follow government privacy law (GLBA, DPPA, FCRA, HIPAA, etc.).

3. Secure Data backup – Data backup is one of the key areas where provider and subscriber should focus about security. There should be clear understanding between provider and subscriber in SLA (Service Level Agreement) about data backup security. There should be secure tool to data transfer, backup data and restore data in cloud.

4. Virtualization Security – Virtualization is back bone of cloud computing. There are multiple risks associated with hardware or software virtualization like VM (Virtual machine) isolation, hypervisor or multi-tenancy. To mitigate risk there should be strong and clear isolation level among different VM. There should be good administrative access and control of VM and also good reporting and logging tool for different VM and administration.


5. Application Security -- There are big challenges of application security in different layers of cloud as SAAS, PAAS or IAAS. Application vulnerability is available in almost all level and layer of cloud. To mitigate application vulnerability in cloud we should focus on some of security point as given below.

a) Secure communication between application host machine and consumer.

b) Audit and review the application security on cloud in each level of SDLC (Software
    Development Life Cycle).

c) There should be clear security SLA (Service Level Agreement) of application between
    cloud provider and consumer for each layer of clouds (SAAS, PAAS, and IAAS).

d) Encrypted Application data should transit over network.

Share

What is ESB?

Few days back, one of my friends asked me, what is ESB? How does ESB fit in SOA? It was an interesting question. Let me explain how does ESB work for SOA.

     Initially when organization was going to webservice they were getting issue with integration, orchestration, communication, transaction with services etc. Whenever they were making any change in vendor or services, this change was propagating to code and application. It was big change management for any small change in business or vendor services. It was also taking long time and resources to make any change in business or vendor services. There was no clear SLA (Service Level Agreement) between consumer and service provider.

   ESB (Enterprise Service Bus) gave major contribution to overcome all these issues. ESB is back bone of SOA. It provides pluggable architecture which enables easy decoupling of producer from consumer. It is an extension of EAI (Enterprise Application Integration), an earlier version of middleware, but it adds several other features. ESB is XML based technology. You can define end point, routing rule of message, transaction, or security in xml without doing any line of coding. ESB has clear SLA (Service Level Agreement) between consumer and service provider. Here are the main features of ESB.
1. Service Virtualization – ESB provides loosely couple architecture. You can couple or decouple your services without touching any part of code or services. In ESB you can define end point for each services and their routing rule. You can easily add or remove these services from ESB. Service virtualization gives an ability to define abstract service end point instead of using actual physical address.

2. Service Enablement – Organization were struggling to enable legacy system as services. ESB adapter such as JDBC adapter, Mainframe adapter etc., gives more flexibility to create SOAP based Webservice of any organization. This functionality reduces your IT investments and you can reuse your existing system.

3. Asynchronous Communication – ESB is the key infrastructure for message process and rerouting. ESB provides the platform for asynchronous message with intelligent transformation and rerouting to ensure messages are passed reliably. Services participate in the ESB using either Web services messaging standard or the JMS (Java Messaging System).

4. Protocol Bridging – ESB provides bridging between inbound message and out bound message. Like ESB gets inbound message as HTTP protocol and send to outbound as JMS protocol in one message flow. Both inbound message and outbound message communicate each other without knowing each other protocols.

                       

Share

What is virtualization?

Virtualization concept came in 1960. It was brought by IBM for the Mainframe server to fully utilize hardware resources by logical partitioning them in virtual machine (VM). In 1980’s and 1990’s era, we almost forgot this technology due to rise of desktop and client server computing.
After this era we jumped on distributed computing technology. Company started to use multiple servers to execute their application. Each server took extra space and used more power and cooling which gave rise to extra expenditure cost to run application.
To overcome all this extra expenditure company started to explore virtualization. VM ware is one of the leading companies which provide virtualization. Virtualization is old technology in new box with more powerful resources and options.
Virtualization is the partitioning of not only mainframe server but any physical server into multiple virtual servers. It gives organization maximum utilization of hardware with same CAPEX (ongoing capital expenditure) and OPEX (ongoing Operational expenditure). Each server acts like a real physical server that can run on operating system with just like physical server. Now companies are partitioning their physical server into multiple virtual servers and run their application on virtual servers with same resources and less expenditure.

There are three different types of virtualization

1.        Hardware virtualization – Hardware virtualization allow us to run different OS (Operating Server) and different servers simultaneously on the same hardware. 
2.        Desktop virtualization – Desktop virtualization allow us to run different desktop for different users simultaneously on the same hardware.
3.        Storage virtualization – Storage virtualization is the pooling of physical storage from multiple network devices on the same hardware.

Share

Why SOA?

In my last blog, I explained about SOA. Now, I am going to explain why we need SOA in addition to all existing technologies. Why is business embracing this technology?

Our IT industry is around 40 years old. When IT industry had started, most of the applications were running on Mainframe. Most of the applications were available through centralized server (Mainframe server). Now IT industry is maturing and it is growing from a centralized infrastructure to a distributed infrastructure. Organizations are transitioning from bus computing to cloud computing. There are many software applications, software platforms and operating systems in there market. Business models are also changing very fast. IT industry is also changing along with business models. IT industry has to support both legacy systems and new systems.

 
SOA is a good solution to make a code work with new system and the legacy system at same time. I am summarizing some of the points, why I feel that an organization should implement SOA.

1. Modular and loosely coupled  -- SOA cuts big monolithic systems and services into small modular services. SOA not only disengages the process from system but it also makes loose couple among systems. If, for instance, a SOA implemented organization wants to implement a new service (Internal service, External service or Cloud based services), it can just plug that service or remove that service from the organization system without touching any existing system.
   
2. Business Driven  -- Now a days, business changes very fast. Mergers and Acquisitions are very common phenomena. Business needs are also changes frequently. There are different permutations and combination coming in market. IT also has to synchronize with all these business permutations and combination. SOA gives flexibility to work with all these changes with minimal effort. SOA is very close to business as well as the business people. One can define or change business process to address business needs in very small time with minimal effort. In short, organization business can change quickly along with the fast changing market.
   
3. Platform Independent -- SOA is completely platform independent. SOA service client or consumer can use SOA service without knowing SOA service provider platform, language or operating system. So, one can write SOA service without worrying about who is going to consume the service.
   
4. Easy Service enablement  -- There was big challenge for any organization to make any change in existing legacy system. SOA provides an easy tool to enable existing monolithic application or legacy mainframe system into a SOA service without knowing anything about those systems. Through SOA tool, one can expose interface(s) from existing system as service and use this service in other applications without touching any existing functionality. 
   
5. Low Cost development and maintenance -- As I stated earlier, SOA is modular and loosely coupled. So one can implement new service or modify existing service(s) without touching any other service or application. As a result, it takes very small effort and time to make any change in application that uses SOA. SOA also provides the flexibility, such that service can be reused in any other application. For example, if an organization is using third party service (SAAS) for an application, it can reuse this service in other applications without investing on license, server space or maintenance. In other words, if organization builds a service for one application, it can reuse this service in multiple applications.
   
6. Easy learning curve -- SOA is modular and loosely coupled, as such, it has a very easy learning curve. One can start to work on any service without knowing the whole application. SOA technology is completely based on XML and it is one of the easiest technologies and it is accepted by all applications and software.
   
7. Increased operational efficiency -- To reuse existing SOA service, one can create new service by using current system or service. In summary, SOA helps us in creating and delivering a new product quickly.     
   

Share

Types of Cloud Computing

In my earlier post, I explained about cloud? Now I am going to explain about different types of cloud computing and layers of cloud computing.

Based on organization’s business, economy and technical need, we divide Cloud in different category.

Cloud computing is define in three major technology layers. These are SAAS (Software As A service), PAAS (Platform As A Service) and IASS (Infrastructure As A Service).

        1. SAAS (Software As A Service) - This is the top technology layer of Cloud Computing and oldest among these three. Under this layer organization gets fully functional applications on-demand to provide specific services such as email management, CRM, ERP, web conferencing and an increasingly wide range of other applications. These software licenses are managed by Cloud computing company.

      2. PAAS (Platform As A Service) – Second layer of cloud computing is PAAS (Platform As A Service). In this layer organization gets mostly an operating environment to develop application, to run application or to deploy application. PAAS provides operating environment like Java, J2EE, .Net, Window, Linux etc.

      3. IAAS (Infrastructure AS A Service) – This layer provides all basic, physical and virtual resources used in application for any organization. This includes virtual platform (space on server) on which required operating environment and application are deployed. It also includes storage and datacenter.

 In other dimension, there are 4 types of cloud computing service available.  These are Public, Private, Community and Hybrid computing.

      1. Public cloud (External Cloud) – Public cloud is offering service by third party vendor over internet. If any vendor provides infrastructure, data center, search or other service to any organization, then it comes in public cloud type. This type of cloud shares  some benefit like efficiency, High availability, elastic capacity, Low upfront cost, less or no hardware setup and less or no system management.  This type of cloud computing service is provided by Amazon EC2, Microsoft Azure, Sun Microsystem cloud, Salesforce etc.  

      2. Private cloud (Internal cloud) - Private cloud is set up and managed by an enterprise’s own IT department and run inside the organization firewall. If any organization has large number of user and resources, then organization hosts cloud computing within their own firewall. This type of cloud computing is dedicated to that organization. It does not share any resource outside their organization. Any big organization like AT&T, Verizon or Bank of America open their infrastructure or data center near to low cost area and makes the service  available  through their own cloud, then it called as private Cloud computing. It shares some benefit like efficiency, High availability, elastic capacity, Lower cost over time, full access and flexibility, direct control over quality, service and security.

       3. Community cloud (Semi-private cloud) – Community cloud is offering service for similar type of business company. This type of cloud is public cloud but it focuses on same vertical domain companies. Like if any cloud dedicated to government or banking organization and it is serving only those types of organization, then it come as community cloud. It shares some benefit like efficiency, High availability, elastic capacity, expertise in domain knowledge, less cost over time compare to public cloud.

       4. Hybrid cloud (Integrated cloud) - Hybrid cloud is combination of any or all of the other types of cloud.  This type of cloud is  gaining lot of popularity among organizations.  This type of cloud computing give organization more flexibility to manage and share resource between private and public cloud. Like if  any organization host their application in public cloud and during peak sales time they need more server and space to handle this request, they can go for public cloud. In this type of cloud computing Model Company keeps  all sensitive data (transaction or credit card data) in private cloud and less sensitive data in public cloud. It shares  benefits like efficiency, High availability, elastic capacity, more control over quality, service and security, less cost over time compare to public and community cloud.

Share

What is cloud computing?

There are lot of buzz around cloud computing. Almost all big and small companies are talking about cloud computing.

                Cloud computing is service of IT (Information Technology) infrastructure and managed sharing of IT resources.

In network diagram(as shown below) internet icon is displayed like cloud. This typically means an area of the diagram or solution that is some else’s concern. The word Cloud in cloud computing is derived from this diagram.  

To understand more about cloud computing we take a car rent example. User rents a car when he needs. User never worries about car maintenance, insurance or other car expenses, he pays for car rent service only.

 Similar to car rent, cloud computing provides service over the internet.  The beauty of cloud computing is that other company hosts your application. That means they handle the cost of server, maintenance of server and manage software update as per user’s requirement. User pays less for service only. User can increase or decrease service of server as per application requirement. Like user need more server instances in November and December month due to high volume of traffic. So user can demand more server instances for those months only. There is no need to keep all server instances for the whole year. In this way the company saves a lot of money in maintenance of server.
    In summary, Cloud computing provide rapid access to computing at a lower cost of ownership, enabling companies to perform operation that may have previously been unaffordable or impractical.