[ Winter 2014 ] SCHEME OF EVALUATION PROGRAM B.SC(IT

[
PROGRAM
SEMESTER
SUBJECT CODE &
NAME
CREDIT
BK ID
MAX. MARKS
Winter 2014
] SCHEME OF EVALUATION
B.SC(IT-IMS)
SEMESTER 5
BIME5010- Virtualization & Cloud Computing
4
B1766
60
Q.No
Question and Scheme of Evaluation
Unit/
Page No.
Marks
Total
Marks
1
Explain briefly with a figure the binary translation approach to x86
virtualization.
By using a combination of binary translation and direct
implementation techniques, VMware is capable of virtualizing any
x86 operating systems. The approach that is illustrated in the figure
1, translates kernel code to substitute nonvirtualizable instructions
with new series of instructions that have the anticipated effect on the
virtual hardware……
2/25
4+6
10
4
10
A
Let us now consider figure 1 which illustrates binary translation
approach to x86 virtualization.
6
Figure 1 : Binary Translation Approach to x86 Virtualization
The blend of direct execution and binary translation provides full
Page 1 of 5
2
A
virtualization because the virtualization layer completely abstracts
(fully decouples) the guest operating system from the underlying
hardware.
Compare Pass Through and Hypervisor Emulation Methods.
A
10
Pass through
method
Hypervisor emulation
method
I/O
Performance
High performance
due to direct
execution
Incurs large overhead as
a result of emulation
Hardware
transparency
Clustering
availability for
standby system
Difficult to gain the
correct response for
control accesses
File system
transparency
Availability of LAN
free backup /
DBMS use
Prevention of Common
system use due to the
virtual file system
2½
Disk
virtualization
Is not supported
Availability of virtual
machine migration
2½
Feature
3
3/58
Discuss any four areas of an organization which has the effect of
cloud computing.
2½
2½
8/135
Finance

Internal audit

Tax

Risk and compliance

Marketing and sales

Vendor lock-in
10
10
10
The few areas of the organization which has the effect of cloud
computing.

10
10
4*2 ½
Explain any four of the above in detail
4
Compare Public, Private and Hybrid clouds
13/217
Page 2 of 5
3½ +
3+3½
10
A
10
Public cloud
When an organisation decided to go for the public cloud

When lots of people used your standardized workload for
applications. Email is the best example.

You need to test and develop application code.

You have SaaS (Software as a Service) applications from a
vendor who has a well-implemented security strategy.

You need incremental capacity (to add compute capacity for
peak times).

When organisation concentrating on collaboration projects.

Involved in ad-hoc software development project using a PaaS
(Platform as a Service) contribution.
3½
But many organisations especially IT based are concerned
about its privacy and security as reliable factor. But this can be
overcome with the support of legal and governance support.
Private cloud
On the other hand when an organisation wants to go for private
cloud

Your business is your data and your applications, where you
need to fullest control over your data and its security.

When your role is a part of sensitive business where you need to
confirm the data security and private issues. Private clouds will
be the correct choice to meet those requirements.

Your company is large enough that you have the economies of
scale to run a next generation cloud data center efficiently and
effectively.
Hybrid cloud
A hybrid cloud is the combination of one or more public and private
clouds. A hybrid cloud is typically offered in either one of the
following ways

Vendor has a private cloud and forms a partnership with a public
cloud provider.

Public cloud provider forms a partnership with a vendor that
provides private cloud platforms.
In a hybrid cloud computing environment the organization itself
provides and manages some resources locally, and the remaining
other resources provided externally.
Page 3 of 5
3
3½
10
5
Explain the following
 Interoperability in cloud
 Security in cloud
14/234
A
Interoperability
Interoperability refers to cloud users being able to take their tools,
applications, virtual images, and so on and use them in another
cloud environment without having to do any rework. Say one
application runs in one environment and you need that application to
operate with a partner’s application in another cloud environment. If
the right interoperability standards are in place, you can do this
without needing multiple versions of this application. Simple Object
Access Protocol (SOAP), Representational State Transfer (REST),
and Atom Syndication Format and Atom Publishing Protocol (both
standards referred to as Atom) are all examples of widely used
interoperability standards and protocols.
5+5
10
5
Security
Cloud security is such a big concern where you need to make sure
that the right controls, procedures, and technology are in place to
protect your corporate assets. Your organization has invested a lot
internally to protect your assets, and it’s reasonable to assume that
your cloud provider should do the same.
5
Cloud security standards are a set of processes, policies, and best
practices that ensure that the proper controls are placed over an
environment to prevent application, information, identity, and access
issues (to name a few). Two organizations that are very active in
this area are the Cloud Security Alliance and a think tank called the
Jericho Forum.
6
What is data security? Explain different types of security issues
faced by cloud providers.
A
Data security is the practice of keeping data protected from fraud
and unauthorized access. The focus behind data security is to
ensure privacy while protecting personal or corporate data. Under
cloud computing, security is an evolving sub-domain of computer
security, network security, and, more broadly, information security.
Page 4 of 5
12/200
4+2+2
+2
10
10
The massive distributed Internet architecture of cloud computing
has been influenced to provide data redundancy, faster access
times, and rapidly scalable service to support the high demand for
next-generation web technology. As a result security turn into the
major concern of cloud computing.
4
Security issues related to cloud computing fall into two broad
categories:
 Security issues faced by cloud providers and
 Security issues faced by their customers.
NIST divides security issues faced by cloud providers into three
categories:
Software-as-a-service (SaaS): Applications supplied by the service
provider.
2
Platform-as-a-service (PaaS): Tools and programming languages
supported by the provider for customers to deploy their own
applications;
2
Infrastructure-as-a-service: Provider supplies hardware platforms
within its network for customer use.
Page 5 of 5
2