Desktop version

Home arrow Computer Science arrow Securing Systems Applied Security Architecture and Threat Models

Cloud Software as a Service (SaaS)

In this, our last architecture, we examine the cloud “SaaS” that implements the reputation service that we encountered in the mobility example. “SaaS” is a cloud acronym for “Software as a Service.” The meaning of SaaS should become clear through the analysis. If you’re unfamiliar with reputation services for security software, it may be helpful to return to the mobility example and refresh your understanding.

What's So Special about Clouds?

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g, networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.1

We will not analyze the management portion of the mobility service. Several example architectures in this book have included management components. The cloud aspects of the management service would be roughly equivalent to the other examples, save for the distributed nature of cloud SaaS. The present example will explore distribution in some depth. If this were a real system, security analysis of all the components would be required, not just the reputation service in isolation.

In the mobility example, we represented the management of the mobility clients and the reputation service as servers in the “cloud.” Of course, these services require far more architecture than a single or even a horizontally scaled set of servers. Typically, any service offered on the web that must process large data sets, what is commonly known as “big data,” will at the very least have an application layer to do the processing, and some sort of data layer. Usually, because of the complexities of processing, presentation, multitenancy, and performance, the application processing can’t be done through a single execution environment. There are just too many tasks that need to be accomplished to squeeze all that processing into a single, unitary application.

Even with horizontal scaling to increase the processing, there are distinct phases through which data must flow in order to support an industrial-strength, commercial, data-intensive service. The tasks in the processing chain are relatively distinct and fairly easy to separate out. For this reason, there are more than just “layers.” As we shall see, there are groupings of processing that can be assembled to form logical units. This allows for a software architecture to emerge at a gross functional level, which fosters the specialization of programmers in particular types of processing. And it also allows for better security (and architectural) grouping.

 
Source
< Prev   CONTENTS   Source   Next >

Related topics