Popular cloud computing services: the PaaS (Platform as a Service)

One model for many developing companies, particularly those who are developing new software is Paas.  Paas or Platform as a Service is somewhere in between Iaas and Saas services because while it is not as restrictive as Saas it also is not as flexible as Iaas.  Paas lets the customer scale their operations according to their growth, and helps with development by having a consistent platform for a group of developers.

One use for Paas is for developing programs from multiple remote videos xxx locations, because its services streamline the programing side.  By standardizing the available products or tricks in the bag, multiple people can remotely add to the programs being designed by the engineers without stepping on each others toes.  It is often used by companies that offer specialized services to other companies.  A company offering these services will often rent a cloud platform that gives them tools to then design programs for other companies to use.  The service is the platform like a Windows or Mac platform, except not as simple and customized by the Cloud providers themselves.

Paas is a convenient tool for developers and others who wish to coordinate their projects onto interpretable software.  A developer of some sort often needs to be working in the same language as their coworkers, to be able to integrate their particular designs with each other.  And for many companies that have developers working remotely this helps keep their work on the same level.  Paas works for other types of structures as well, a company that provides a software service to other companies may use Paas system to supplement their own servers.  The cloud is often used as a way for start-ups to avoid many of the costs associated with owning a server.  Paas is often a ‘pay as you go’ platform, meaning you can pay as your need arises.  If you need to rent more space you can pay according to your needs.  This helps young start-ups get costs associated with initial investments down.  Though by no means is a Paas provider limited to a start-up as their customer base.  A more developed company might want to use a Paas system to streamline operations.

Though the customer base for Paas is generally designers who offer applications for consumption, the advantage to using a platform specific Cloud service is that the customer can write all the code, and not be tied down to creating up the entire infrastructure of Iaas.  Saas services just wouldn’t work for developers.  The platform provided by the cloud services frees the developers up to work on more necessary tasks.

Paas customers can be varied, not limited to software developers alone.  A Paas provider might simplify their platform to provide more basic services that allow a company to have many built-in features.  While Saas and Iaas have elements of this, Paas is more variable in what it offers from provider to provider.  The Paas system is not as simple as a Saas system or an Iaas system.  The Iaas systems tend to be more hardware oriented, where the platform and software are already developed; in this way it is generally utilized by companies that already have a product to push out.  The Paas while solely for developing companies enables a developer to utilize the Cloud offering at all ends of their development process.

Paas in this way really enables new ideas and new developments in the tech world. Essentially keeping an application or web developer set from the beginning to the end. Though as the company grows they may want to consider hosting their own servers or depending on their needs renting out an Iaas host down the road.  But having the availability of the Paas enables young companies to begin and sell their products by saving them from hardware and various software development tools needed to really make excellent products.

VM snapshots for efficient Forensic Investigation

Cloud computing is a technology which allows users to access storage, software, and infrastructure and deployment environment based on a model named “pay-for-what-they-use”. The nature of the cloud environment is that it is multi-tenant and dynamic as there is a need for addressing the various legal, technical and organizational challenges regarding the cloud storage.

With the dynamic nature of the cloud environment, it is possible for digital investigations to be carried out in the cloud environment. Digital forensics has to adhere to a number of steps as it was the case with traditional computer forensics. These steps include Identification, Collection, Examination and Reporting/ Presentation. The first step involves identifying the source of evidence, while the collection phase involves identifying the actual evidence and collecting the necessary data. The examination stage involves analyzing the forensic data, while in the reporting phase, the found evidence is presented in a court of law.

The digital investigators experience challenges as a result of the legal, technical and organizational requirements. If some compromise is made on the part of the CSP, then the evidence which is provided will not be genuine. It might have happened the data you are relying on as evidence was injected by a malicious individual.

A number of digital devices are currently using the cloud, but the investigators are given little chance to obtain the evidence. The available Agreement may not be stating the role of the CSP in carrying out the investigation and its responsibility during the time of happening of the crime. The CSP might have failed to keep logs which are an important part in getting evidence regarding the occurrence of a crime. The investigator also has to rely on the CSP for collection of the necessary log files, and this is not easy. Many researchers have clearly stated that many investigators experience difficulties in trying to collect the log files.

The cloud service provider will provide their clients with a number of different services, and it has been found that only a few customers from the same organization will be accessing the same services. Malicious users are capable of stealing sensitive data from the other users and this can negatively affect the trust of the CSP. There is a need for the cloud to protect against these malicious activities by use of Intrusion Detection Mechanisms for monitoring the customer VMs and in detecting malicious activity.

A user can create his or her physical machine to create a VM. Other than for the user having to request, some cloud software such as the OpenStack and eucalyptus will create snapshots from a VM which is running and then store the snapshots till when the VM has terminated. If you reach the maximum VMs, then the older VMs will be deleted from the system. The snapshots from a cloud environment are a great source of digital evidence and they can be used for the purpose of regenerating events. It is hard for us to store numerous snapshots. The snapshots have also been found to slow the virtual machine, and this is determined by the rate at which it has changed since when it was taken and the period of time for which it is stored.

Malicious activities will always be identified in case the users of the VM carry out actions such as uploading a malware to the systems in our cloud infrastructure, excessive access from a location, or by performing numerous downloads or uploads within a short period of time. Other activities which can be suspicious include cracking of passwords, launching of dynamic attack points and deleting or corrupting some sensitive organization data.