Abstract
• The purpose of ONLINE RESOURCE SHARING is to apply traditional high-performance computing power, normally used by multinational organizations and government sectors to perform tens of trillions of computations per second, to consumer-oriented applications such as financial portfolios, to deliver personalized information, and to provide data storage using cloud computing and virtualization techniques.
• In resource sharing, services such as servers, storage and applications are delivered to an organization’s computers and devices through the Internet.
• To do this, cloud computing uses networks of large groups of servers, typically running low-cost consumer PC technology with specialized connections, to spread data-processing chores across them. Virtualization techniques such as Application Virtualization (APP-V) and Microsoft Enterprise Desktop Virtualization (MED-V) are used to maximize the power of cloud computing.
• A user who seeks resources such as applications or storage should be able to retrieve them from the resource sharing system through a valid identity.
• ONLINE RESOURCE SHARING: A sharing system project that uses cloud computing and virtualization components such as APP-V and MED-V to provide fast sharing and data storage and, most importantly, SECURITY through IDENTITY MANAGEMENT.
1. Introduction
The goal of ONLINE RESOURCE SHARING is to apply traditional high-performance computing power, normally used by multinational organizations and government sectors to perform tens of trillions of computations per second, to consumer-oriented applications such as financial portfolios, to deliver personalized information, and to provide data storage using cloud computing and virtualization techniques.
In resource sharing, services such as servers, storage and applications are delivered to an organization’s computers and devices through the Internet.
ONLINE RESOURCE SHARING: A sharing system project that uses cloud computing and virtualization components such as APP-V and MED-V to provide fast sharing and data storage and, most importantly, SECURITY through IDENTITY MANAGEMENT.
1.1 Cloud Computing:
Cloud computing is the delivery of computing services over the Internet. Cloud services allow individuals and businesses to use software and hardware that are managed by third parties at remote locations. The cloud computing model allows access to information and computer resources from anywhere that a network connection is available.
Cloud computing is a technology that uses the internet and central remote servers to maintain data and applications.
Cloud computing, also known as on-demand computing, is a kind of Internet-based computing, where shared resources, data and information are provided to computers and other devices on-demand. It is a model for enabling ubiquitous, on-demand access to a shared pool of configurable computing resources.
Cloud computing promises several attractive benefits for businesses and end users. Three of the main benefits of cloud computing are:
• Self-service provisioning: End users can spin up computing resources for almost any type of workload on demand.
• Elasticity: Companies can scale up as computing needs increase and then scale down again as demands decrease.
• Pay per use: Computing resources are measured at a granular level, allowing users to pay only for the resources and workloads they use.
Cloud computing services can be private, public or hybrid.
Fig.1.1
1.2 Service Models:
Once a cloud is established, how its cloud computing services are deployed in terms of business models can differ depending on requirements. The primary service models being deployed are commonly known as:
• Software as a Service (SaaS): Consumers purchase the ability to access and use an application or service that is hosted in the cloud, where the information necessary for the interaction between the consumer and the service is hosted as part of the service in the cloud.
Examples: Google Docs, Salesforce CRM, SAP Business by Design.
• Platform as a Service (PaaS): Consumers purchase access to the platforms, enabling them to deploy their own software and applications in the cloud. The operating systems and network access are not managed by the consumer, and there might be constraints as to which applications can be deployed.
Examples: Force.com, Google App Engine, Windows Azure (Platform).
• Infrastructure as a Service (IaaS): Consumers control and manage the systems in terms of the operating systems, applications, storage, and network connectivity, but do not themselves control the cloud infrastructure.
Examples: Amazon S3, SQL Azure.
Fig.1.2
1.3 Deployment Models:
Deploying cloud computing can differ depending on requirements, and the following three deployment models have been identified, each with specific characteristics that support the needs of the services and users of the clouds in particular ways.
• Private Cloud: The cloud infrastructure has been deployed, and is maintained and operated for a specific organization. The operation may be in-house or with a third party on the premises.
Example: eBay.
• Public Cloud: The cloud infrastructure is available to the public on a commercial basis by a cloud service provider. This enables a consumer to develop and deploy a service in the cloud with very little financial outlay compared to the capital expenditure requirements normally associated with other deployment options.
Example: Amazon, Google Apps, Windows Azure.
• Hybrid Cloud: The cloud infrastructure consists of a number of clouds of any type, but the clouds have the ability through their interfaces to allow data and/or applications to be moved from one cloud to another. This can be a combination of private and public clouds that support the requirement to retain some data in an organization, and also the need to offer services in the cloud.
1.4 Microsoft Application Virtualization (App-V):
Microsoft Application Virtualization (App-V) platform allows applications to be deployed (“streamed”) in real-time to any client from a virtual application server. It removes the need for traditional local installation of the applications, although a standalone deployment method is also supported.
Microsoft Application Virtualization (App-V) enables you to make applications available to end users without installing the applications directly on end user computers. App-V transforms applications into centrally managed services that are never installed and don’t conflict with other applications.
Server App-V appears as a “Private Cloud” concept for offering “Software as a Service” (SaaS) and/or “Platform as a Service” (PaaS). This is the ability to deploy software or a platform without having to install it. Even though we usually use the concept of “application” in the same way as “software”, the term “SaaS” in Server App-V does not represent the entire scope of the platform. Server App-V includes the possibility to provide “as a Service” platforms like database engines or, in the near future, Exchange or SharePoint. One of the main goals of Server App-V is to have a predictable and repeatable way to deploy server applications.
Microsoft Application Virtualization (App-V) can make applications available to end user computers without having to install the applications directly on those computers. This is made possible through a process known as sequencing the application, which enables each application to run in its own self-contained virtual environment on the client computer. The sequenced applications are isolated from each other. This eliminates application conflicts, but the applications can still interact with the client computer.
1.5 Microsoft Enterprise Desktop Virtualization (MED-V):
Microsoft Enterprise Desktop Virtualization (MED-V) features better application compatibility support for Windows as well as improvements to workspace creation, deployment, and management.
MED-V delivers applications in a virtual machine instance that runs an earlier version of the operating system, such as .MED-V builds on top of Windows Virtual PC so that you can run two operating systems on one physical device, adding virtual image delivery, provisioning, and centralized management. From the user’s perspective, these applications and web sites are accessible from the standard desktop Start menu or in their browser and appear side by side with native applications, so there is minimal change to the user experience.
MED-V requires both a server and a client computer, and deployment considerations should be made for how clients will access the MED-V management server. Clients need to meet the system requirements for running a virtual instance of another operating system. But while these considerations need to be made, MED-V remains the most robust and seamless of the virtualization options.
2. Literature Survey
A survey on security issues in service delivery models of cloud computing
Cloud computing is a disruptive technology with profound implications not only for Internet services but also for the IT sector as a whole. Still, several outstanding issues exist, particularly related to service-level agreements (SLA), security and privacy, and power efficiency.
As described in the paper, security currently has a lot of loose ends, which scares away a lot of potential users. Until a proper security module is in place, potential users will not be able to leverage the advantages of this technology. This security module should cater to all the issues arising from all directions of the cloud. Every element in the cloud should be analyzed at the macro and micro level, and an integrated solution must be designed and deployed in the cloud to attract and enthral potential consumers.
This research will be centred on application and data security over the cloud, and it intends to develop a framework by which the security methodology varies dynamically from one transaction/communication to another. One of the pieces of the framework might be focused on providing data security by storing and accessing data based on meta-data information. This would be more like storing related data in different locations based on the meta-data information, which would make the information worthless to a malicious user who recovers it. Keeping this as a core concept, I am doing research on a framework which would be practical.
Another piece of the framework would be providing ‘Security as a Service’ to applications, with security offered as a single tier or as multiple tiers based on the application’s requirement. In addition, the tiers can change dynamically, making the security system less predictable.
This research is based on the conceptualization of cloud security after real-world security systems, wherein security depends on the requirement and asset value of an individual or organization.
An analysis of security issues for cloud computing
Cloud Computing is a relatively new concept that presents a good number of benefits for its users; however, it also raises some security problems which may slow down its use. Understanding what vulnerabilities exist in Cloud Computing will help organizations to make the shift towards the Cloud. Since Cloud Computing leverages many technologies, it also inherits their security issues. Traditional web applications, data hosting, and virtualization have been looked over, but some of the solutions offered are immature or nonexistent.
The authors have presented security issues for the cloud models SaaS, PaaS, and IaaS, which vary depending on the model. As described in this paper, storage, virtualization, and networks are the biggest security concerns in Cloud Computing. Virtualization, which allows multiple users to share a physical server, is one of the major concerns for cloud users. Another challenge is that there are different types of virtualization technologies, and each type may approach security mechanisms in different ways. Virtual networks are also a target for some attacks, especially when communicating with remote virtual machines.
Some surveys have discussed security issues about clouds without making any distinction between vulnerabilities and threats. The authors have focused on this distinction, which they consider important for understanding these issues. Enumerating these security issues was not enough; that is why they related threats to vulnerabilities, so that we can identify which vulnerabilities contribute to the execution of these threats and make the system more robust. Some current solutions were also listed in order to mitigate these threats. However, new security techniques are needed, as well as redesigned traditional solutions that can work with cloud architectures. Traditional security mechanisms may not work well in cloud environments because the cloud is a complex architecture composed of a combination of different technologies.
A quantitative analysis of current security concerns and solutions for cloud computing
Considering the points raised in the previous section, a straightforward conclusion is that cloud security includes old and well-known issues (such as network and other infrastructural vulnerabilities, user access, authentication and privacy) and also novel concerns derived from new technologies adopted to offer the adequate resources (mainly virtualized ones), services and auxiliary tools.
These problems are summarized by isolation and hypervisor vulnerabilities (the main technical concerns according to the studies and graphics presented), data location and e-discovery (legal aspects), and loss of governance over data, security and even decision making (in which the cloud must be strategically and financially considered as a decisive factor).
Another point observed is that, even though adopting a cloud service or provider may be easy, migrating to another is not. After moving local data and processes to the cloud, the lack of standards for protocols and formats directly affects attempts to migrate to a different provider, even if this is motivated by legitimate reasons such as non-fulfilment of SLAs, outages or provider bankruptcy. Consequently, the first choice must be carefully made, as SLAs are not perfect and service outages happen at the same pace that resource sharing, multi-tenancy and scalability are not fail-proof.
After a decision is made, future migrations between services can be extremely onerous in terms of time and costs; most likely, this task will require extensive work to bring all data and resources to a local infrastructure before redeploying them into the cloud.
Finally, the analysis of current trends for cloud computing reveals that there is a considerable number of well-studied security concerns, for which plenty of solutions and best practices have been developed, such as those related to legal and administrative concerns. On the other hand, many issues still require further research effort, especially those related to secure virtualization.
Security transparency: the next frontier for security research in the cloud
As the cloud paradigm has been gaining momentum, so have the concerns about its security and privacy. Nonetheless, the security community has been devising solutions that may help to thwart some of the security challenges. In this vein of effort, novel encryption mechanisms, SLAs and virtual machine monitoring have been amongst the most researched topics. However, what can be taken from this analysis of the current security practices is that the current research has often overlooked the importance of mutual trust considerations and the need for mutual auditability in the cloud.
By shedding more light on the current security practices and discussing how they fare in addressing the lack of security transparency and mutual auditability in the cloud, the authors hope to stimulate more research in that direction. The desiderata discussed in the previous section of the paper give a flavour of some of the challenges that await researchers who keep on filling the existing gap.
Cloud identity management security issues & solutions: taxonomy
In this paper, they have presented research that is a step towards the development of an assessment criterion that can be used by other researchers and industry professionals to perform the evaluation of existing, as well as future, Cloud based IDMSs. Since the domain of Cloud IDMS is still in its early stages, it requires considerable attention from the research community and IT industry. They have contributed in this regard by presenting a research work that holistically covers the domain of Cloud IDMSs.
In particular, the contribution is multi-dimensional: first, they have presented a comprehensive list of security attacks that involve Cloud identity management systems and identity credentials as an attack tool or target; secondly, they have identified the features that will act as countermeasures against the mentioned attacks; thirdly, state-of-the-art mechanisms against each feature are filtered out with the objective of maximizing their performance, security and interoperability.
As another positive contribution, they have explicated the feature-mechanism relationship in the form of a well-organized taxonomy which is later used to analyze/evaluate various Cloud based IDMSs. Lastly, they have applied the previously discussed attacks against each Cloud IDMS to confirm their reliability and applicability in Cloud. Our findings from the analysis are presented in the subsequent tables which prove that Cloud IDMSs invariably have some pros and cons in their architecture and functionality.
Furthermore, most of these Cloud IDMSs have limitations in terms of their reliability and applicability, as they are confined only to specific Cloud identity management scenarios.
In conclusion, our work will augment the research which leads to the development and designing of a robust and holistically secure Cloud based IDMS covering all the identified features. The presented taxonomy will allow CSCs and CSPs to make a knowledgeable decision by selecting an appropriate IDMS that best satisfies their security and functional requirements.
3. ANALYSIS OF EXISTING WORK & LIMITATIONS
From the analysis of the existing sharing systems, I reach the result that resource sharing systems of this kind are mostly based on cloud sharing using virtualization techniques. Before going further towards my concept of ONLINE RESOURCE SHARING using cloud computing and virtualization techniques, with security by identity management of users, let me describe my analysis of the cloud computing and virtualization systems currently working in many organizations.
3.1 ANALYSIS ON CURRENT CLOUD COMPUTING SYSTEM
As we know the need for cloud computing in resource sharing, we need to start the process from the root of the system, which resides in the concept of the cloud and virtualization.
3.1.1 How does cloud computing work?
Cloud computing is defined as a type of computing that relies on sharing computing resources rather than having local servers or personal devices to handle applications. Cloud computing is comparable to grid computing, a type of computing where unused processing cycles of all computers in a network are harnessed to solve problems too intensive for any stand-alone machine.
In cloud computing, the word cloud (also phrased as “the cloud”) is used as a metaphor for “the Internet,” so the phrase cloud computing means “a type of Internet-based computing,” where different services, such as servers, storage and applications, are delivered to an organization’s computers and devices through the Internet.
The goal of cloud computing is to apply traditional supercomputing, or high-performance computing power, normally used by military and research facilities to perform tens of trillions of computations per second, to consumer-oriented applications such as financial portfolios, to deliver personalized information, to provide data storage or to power large, immersive online computer games.
To do this, cloud computing uses networks of large groups of servers typically running low-cost consumer PC technology with specialized connections to spread data-processing chores across them. This shared IT infrastructure contains large pools of systems that are linked together. Often, virtualization techniques are used to maximize the power of cloud computing.
3.1.2 Cloud Computing in the Small Business:
Cloud computing has started to obtain mass appeal in corporate data centers as it enables the data center to operate like the Internet through the process of enabling computing resources to be accessed and shared as virtual resources in a secure and scalable manner.
For small and medium-sized businesses (SMBs), the benefits of cloud computing are currently driving adoption. In the SMB sector there is often a lack of time and financial resources to purchase, deploy and maintain an infrastructure (e.g. the software, server and storage).
In cloud computing, small businesses can access these resources and expand or shrink services as business needs change. The common pay-as-you-go subscription model is designed to let SMBs easily add or remove services, and they typically pay only for what they use.
Fig.3.1
3.1.3 Characteristics of cloud computing:
1. On-demand self-service: A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
2. Broad network access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops and workstations).
3. Resource pooling: The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state or datacenter). Examples of resources include storage, processing, memory and network bandwidth.
4. Rapid elasticity: Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
5. Measured service: Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth and active user accounts). Resource usage can be monitored, controlled and reported, providing transparency for the provider and consumer.
3.2 ANALYSIS ON VIRTUALIZATION SYSTEM
Here we look at two virtualization techniques: Microsoft Application Virtualization and Microsoft Enterprise Desktop Virtualization.
Microsoft Enterprise Desktop Virtualization (MED-V):
Microsoft Enterprise Desktop Virtualization (MED-V), a core component of the Microsoft Desktop Optimization Pack (MDOP) for Microsoft Software Assurance, is the most robust and scalable solution for virtualizing Internet Explorer 7 and Internet Explorer 6. It provides a centrally managed solution that is intended for enterprise customers. If you use MED-V for virtualization, you can run Windows 7 and still run older applications seamlessly, directly from a Windows 7 desktop. Users continue to work as they always have and as they launch their browser, MED-V determines whether to leave the URL in Internet Explorer 8 or whether it should redirect and display it in Internet Explorer 6 or Internet Explorer 7 on the MED-V workspace. The MED-V policy that is created and managed by the administrator determines the who, what, and how of applications from the MED-V workspace. By using MED-V, you retain the productivity benefits of the newest operating system, yet you can use older applications that might be best suited for your work.
What Is MED-V?
MED-V delivers applications in a virtual machine instance that runs an earlier version of the operating system, such as .MED-V builds on top of Windows Virtual PC so that you can run two operating systems on one physical device, adding virtual image delivery, provisioning, and centralized management. From the user’s perspective, these applications and web sites are accessible from the standard desktop Start menu or in their browser and appear side by side with native applications, so there is minimal change to the user experience.
MED-V requires both a server and a client computer, and deployment considerations should be made for how clients will access the MED-V management server. Clients need to meet the system requirements for running a virtual instance of another operating system. But while these considerations need to be made, MED-V remains the most robust and seamless of the virtualization options.
Benefits of Using MED-V:
As previously stated, you can use MED-V to run Internet Explorer 7 or Internet Explorer 6 in a virtual environment with a previous operating system version, seamlessly integrated into the Windows 7 desktop. The following list addresses some of the benefits of using MED-V:
• MED-V is easy to provision and deploy. MED-V provides a way to automate the first-time setup of virtual machines at the endpoint, including assignment of a unique computer name, performing initial network setup, and joining the virtual machine to a corporate domain.
With MED-V, you can customize images in heterogeneous desktop environments, and you can adjust the Virtual PC memory allocation based on available RAM on the host computer.
Application and website provisioning is based on Active Directory users/groups. You can assign a virtual image and define which applications are available to the user and which web sites should be redirected to Internet Explorer 6 or Internet Explorer 7.
• MED-V is centrally managed. You can centrally define usage permissions and virtual machine settings and centrally monitor endpoint clients. There are also helpdesk tools to diagnose and troubleshoot virtual machines.
• With MED-V, you can maintain a minimal inventory. While you do have additional operating systems, you are generally not burdened with many extra images to manage. While language packs or Internet Explorer 7 may require more images, many customers find that they need only a single additional image.
MED-V provides an administrator console for virtual image management and a central image repository for image storage, versioning, and delivery (which can be based on Internet Information Services [IIS] web servers, System Center Configuration Manager, or alternative deployment technologies). Integration with makes it possible to provision virtual images based on group membership or user identity.
• You can use standard image maintenance. With MED-V, you can continue using Windows Server Update Services (WSUS) to deploy the latest Microsoft product updates or System Center Configuration Manager. The MED-V workspace is managed as any other desktop in the enterprise.
Limitations of MED-V:
MED-V utilizes client machine resources, and this may be an issue for under-powered hardware. Starting the virtual machine on the client side can take a few minutes; it therefore might be beneficial to set the MED-V preference to leave the virtual machine running for the best user experience.
MED-V requires that you manage an extra operating system, which means extra inventory, patching, antivirus software, and so on. However, MED-V can be managed with the same tools that you use to manage the MED-V host; for example, you can patch the MED-V workspace with Windows Server Update Services (WSUS).
MED-V does not work on a virtualized operating system through virtualized desktop infrastructure (VDI). VDI clients are already virtual, so they cannot host a virtual instance. This means that if you are using VDI for user desktops, you cannot host MED-V.
MED-V Solution Components:
MED-V includes the following components:
• Administrator-defined virtual machine. This virtual machine encapsulates a full desktop environment, including an operating system, applications, and optional management and security tools.
• Image repository. The image repository stores all virtual images on a standard IIS server and enables virtual image version management, client-authenticated image retrieval, and efficient download (of a new image or updates). The image repository is optional; alternative deployment methods that deliver the image to the MED-V host can be used, including distribution with System Center Configuration Manager.
• Management Server. The Management Server associates virtual images from the image repository along with administrator usage policies to Active Directory users or groups. The Management Server also aggregates clients’ events and stores them in an external database (Microsoft SQL Server) for monitoring; reporting is an optional feature. Note that additional policy servers may be required for large deployments.
• Management Console. The Management Console makes it possible for administrators to control the Management Server and the image repository.
• User. Applications installed in the virtual machine are seamlessly available through the standard desktop Start menu and are integrated with other applications on the user desktop. Web applications can also be automatically redirected to Internet Explorer 6 or Internet Explorer 7 in the MED-V workspace, providing seamless compatibility.
How Does MED-V Work?
When a user launches MED-V, the MED-V client contacts the MED-V management server. The management server returns the policy to the client. Through the policy, the MED-V client identifies which virtual machine it should use, what applications should be published to the host, and how those should be displayed. Based on the policy, the client looks to see if the virtual machine is available locally (pre-distributed with System Center Configuration Manager). If not, the client attempts to download it from the image server. After the virtual machine is available, it is configured for that user (machine rename, domain joined, and so on) and then the user can begin accessing applications in the MED-V workspace.
After MED-V is deployed, the user experience is completely seamless: designated URLs are automatically redirected to the MED-V workspace in Internet Explorer 6 or Internet Explorer 7.
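The launch sequence described above (policy lookup by identity, local image check, download fallback, URL redirection), modelled as an added example that is not Microsoft's code and not part of the original text. Every class, function and sample value is hypothetical, and the precedence of user assignments over group assignments is an assumption.

```python
# Added illustration: a minimal model of the MED-V launch flow described above.
# All names and sample values are hypothetical; none of this is a Microsoft API.
# Assumption: a policy assigned to a user takes precedence over group policies.
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Policy:
    image: str                  # virtual image assigned to the principal
    version: int                # image version the policy expects
    published_apps: frozenset   # applications published to the host Start menu
    redirect_hosts: frozenset   # hosts whose URLs open in the workspace browser


@dataclass(frozen=True)
class LaunchResult:
    allowed: bool
    detail: str                 # "local", "downloaded" or a denial reason
    policy: Optional[Policy] = None


class ManagementServer:
    """Associates policies with directory users or groups."""

    def __init__(self):
        self._users = {}
        self._groups = {}

    def assign_user(self, user, policy):
        self._users[user.lower()] = policy

    def assign_group(self, group, policy):
        self._groups[group.lower()] = policy

    def policy_for(self, user, groups):
        """Return the policy for an authenticated identity, or None."""
        if user.lower() in self._users:
            return self._users[user.lower()]
        # Sorted so the outcome does not depend on group enumeration order.
        for group in sorted(g.lower() for g in groups):
            if group in self._groups:
                return self._groups[group]
        return None  # deny by default: no assignment, no workspace


class Client:
    def __init__(self, server, local_images, repository):
        self.server = server
        self.local_images = dict(local_images)  # image -> pre-distributed version
        self.repository = repository            # image -> version on image server

    def launch(self, user, groups):
        policy = self.server.policy_for(user, groups)
        if policy is None:
            return LaunchResult(False, "no policy for this identity")
        if self.local_images.get(policy.image) == policy.version:
            source = "local"
        elif self.repository.get(policy.image) == policy.version:
            # Stand-in for the client-authenticated download from the repository.
            self.local_images[policy.image] = policy.version
            source = "downloaded"
        else:
            return LaunchResult(False, "assigned image version unavailable")
        return LaunchResult(True, source, policy)


def route_url(policy, url):
    """Decide where a URL opens: 'workspace' (legacy browser) or 'host'."""
    host = (urlsplit(url).hostname or "").lower()
    # Exact host match; a substring test would also match look-alike names.
    return "workspace" if host in policy.redirect_hosts else "host"


def demo():
    """Constructed sample data; user, group, image and host names are made up."""
    legacy = Policy("legacy-image", 3, frozenset({"OldERP"}),
                    frozenset({"erp.corp.example"}))
    server = ManagementServer()
    server.assign_group("Finance", legacy)
    client = Client(server, local_images={}, repository={"legacy-image": 3})
    first = client.launch("alice", ["Finance", "Staff"])
    second = client.launch("alice", ["Finance", "Staff"])
    outsider = client.launch("guest01", ["Guests"])
    return first, second, outsider, legacy


if __name__ == "__main__":
    for result in demo()[:3]:
        print(result.allowed, result.detail)
```

An identity with no user or group assignment gets no policy and therefore no workspace, which is the access-by-valid-identity property the project relies on.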
System Requirements:
Following are the detailed system requirements for MED-V.
• Management Server
o Operating system: Windows Server 2008 R2, Windows Server 2008 Standard, or Windows Server 2008 Enterprise (x86 and 64-bit) editions
o Recommended hardware: Dual processor (2.8 gigahertz [GHz]), 4 GB RAM
o Active Directory: Management server should be joined to a domain
• Additional Server Components
o Image repository: web server(s) based on IIS (optional, used if the administrator selects a deployment method other than the Image Server)
o Reporting database (optional): SP2 Enterprise Edition or Express, Standard, or Enterprise editions
o Additional policy server for larger deployments
• Client
o 2 GB RAM
o Operating system:
▪ Windows 7
▪ Windows Vista with Service Pack 1 (SP1) (Enterprise, Home Basic, Home Premium, Business, Ultimate)
▪ with SP2 or SP3 (Professional, Home)
o Microsoft Virtual PC: Microsoft Virtual PC 2007 SP1 with KB958162 (or newer) is required
• Guest Operating System
o with SP2 or SP3, 32-bit
o Microsoft Windows 2000 SP4, 32-bit
3.3 APPLICATION VIRTUALIZATION (APP-V):
Microsoft Application Virtualization (also known as App-V) is an application virtualization and application streaming solution from Microsoft. It was originally developed by Softricity, a company based in Boston, Massachusetts, acquired by Microsoft on July 17, 2006. App-V represents Microsoft’s entry to the application virtualization market, alongside their other virtualization technologies such as Hyper-V, Microsoft User Environment Virtualization (UE-V), Remote Desktop Services, and System Center Virtual Machine Manager.
Overview:
Microsoft Application Virtualization (MS App-V) platform allows applications to be deployed (“streamed”) in real-time to any client from a virtual application server. It removes the need for traditional local installation of the applications, although a standalone deployment method is also supported. With a streaming-based implementation, the App-V client needs to be installed on the client machines and application data that is stored on the virtual application server is installed (streamed) to the client cache on demand when it is first used, or pre-installed in a local cache.
Microsoft App-V is an additional component requiring licensing for use. Licensing is user-based and is either acquired by licensing Microsoft Desktop Optimization Pack (MDOP) for use on client operating systems, or as part of the Microsoft Remote Desktop Server Client Access License for use on Remote Desktop Servers. MDOP is a suite of technologies available as a subscription for Software Assurance customers. There is also a licensing model for hosting (cloud services) providers.
Major versions and variants:
Microsoft released Version 5 of App-V in late November 2012, which is a third generation major redesign of the entire platform. Version 5 modernized the product, replacing components designed for use originally against Windows NT and Windows 2000 some 11 years earlier. The redesign also allowed for support of newer Operating System features and improvements to virtualization support. An independent list of recent App-V versions is maintained here.
Version 4.x of the product is still in widespread use and is currently in active support. Microsoft extended version 4 support up to Windows 8 SP1 and Server 2012 R2 client operating systems; however, some of the newer operating system features are not available for virtualized applications using App-V 4.x.
Versions 3.x and 2.x are not known to be in production use any more; support for these versions ended with the acquisition of Softricity by Microsoft. Versions 2.x through 4.x represent the second generation application virtualization product.
There was no 1.x version of the product. Prior to the release of SoftGrid 2.0, Softricity was known as Software Wow! Software Wow! was an early cloud-based service provider with an application store that streamed applications (primarily games) to consumers. The service used an in-house first generation product to provide Software as a Service (SaaS). Although little online information exists about the company today, this product provided streaming services with very limited virtualization support.
An offshoot of App-V was released by Microsoft under the name Microsoft Server Application Virtualization (‘App-V for Servers’). This platform, which supports virtualization redirection but without isolation, is aimed at delivering virtualized server loads that would not have intra-application conflicts. The product is available as part of System Center Virtual Machine Manager, and it is typically used to spin up new instances of servers on a demand-driven basis.
Architecture:
Microsoft offers three options for the deployment of virtual applications, which affects the architectural components used:
• A set of servers dedicated to App-V.
• System Center Configuration Manager integration.
• “Stand-alone” mode wherein the application may be delivered via other means.
The implementations of these three deployment options are different when version 5.x or 4.x of App-V is used.
Limitations of version 4.x:
• Microsoft Office plug-ins: Although one can sequence Microsoft Office plug-ins, it is not advised to sequence them due to many technical & usage issues. For example, in a situation where there are more than two plug-ins used by a user, if they are sequenced separately, then the user does not have control over which plug-in sequence starts when he opens a document. The only workaround is to create a single suite or dynamic suite of all the plug-ins.
• Application Size: If the maximum client cache size is set to at least 4 GB (the maximum can be 64 GB), then the maximum size of application which can be streamed on that machine is 4 GB. All applications that have an installed footprint greater than or equal to the max client size, set by the client, should not be sequenced. The maximum application size SoftGrid can handle is 4 GB, due to the use of the FAT32 file system.
• Device Driver: App-V presently does not support sequencing of kernel-mode device drivers; thus any application that installs a device driver cannot be sequenced. The only exception to this is when the device driver can be pre-installed locally; in this case, the application is sequenced without the device driver.
• Shortcuts: Applications should have a minimum of one shortcut. If no shortcuts are present, then the application should be sequenced in a suite along with the application that needs it. Internet Explorer plugins require a special shortcut to start the browser process under the virtualization layer.
• Middleware: Middleware applications may not be good candidates for sequencing as they may be runtime prerequisites for multiple applications. With later versions of App-V, they can be sequenced into a separate package that other virtual applications are linked to using a feature called Dynamic Suite Composition.
• Path hard coding: The application should not have folder/file paths hard coded in the application itself. Some applications hard code the path of files in their executables rather than parameterizing them or storing them in the Windows Registry. Configuration files ending in extensions such as ini, conf, dat, and txt are good places to look for application-specific settings of path information that may cause problems. Failing that, a shim can be used to remediate the application where source code or an update is not available.
• Auto Update: Applications with automatic updates should not be sequenced if their update mechanism cannot be disabled. Sequenced applications sometimes fail to update. In addition, allowing auto-update leads to non-compliance of application version.
• Services: Virtualization of services that must start at boot time is not supported. All other types of services may generally be virtualized; they are started when the virtual application starts and shut down when the virtual application shuts down or when an application's main executable terminates.
• Licensing Policies: Applications with licensing enforcement tied to the machine (e.g. the license is tied to the system’s MAC address or hard disk serial number) should not be sequenced if the activation cannot be done by the user at the first launch of the sequenced application, manually or by script.
• Internet Explorer & Service Packs: Microsoft does not support sequencing of any version of Internet Explorer.
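The mechanically checkable items in this list can be screened before an application is handed to the sequencer. The following Python script is an added example, not part of App-V or of the original essay; the `Candidate` fields, finding codes and sample files are hypothetical, and only the rules themselves come from the list above.

```python
import re
import tempfile
from dataclasses import dataclass
from pathlib import Path

GB = 1024 ** 3
PACKAGE_LIMIT = 4 * GB  # 4.x package ceiling stated in the list above
CONFIG_EXTENSIONS = {".ini", ".conf", ".dat", ".txt"}  # extensions the list names
# Absolute Windows paths: drive-letter (C:\...) or UNC (\\server\share\...).
ABS_PATH = re.compile(
    r"(?<![A-Za-z])[A-Za-z]:\\[^\s\"'<>|]+|\\\\[\w.$-]+\\[^\s\"'<>|]+"
)


@dataclass
class Candidate:
    """What the packager knows about an application (hypothetical schema)."""
    name: str
    footprint_bytes: int
    kernel_driver: bool = False
    driver_preinstalled_locally: bool = False
    boot_time_service: bool = False
    auto_update_can_be_disabled: bool = True
    machine_bound_license: bool = False
    activation_possible_at_first_launch: bool = False
    shortcut_count: int = 1
    is_internet_explorer: bool = False


def find_hardcoded_paths(install_dir):
    """Return (file name, line number, path) for absolute paths in config files."""
    hits = []
    for f in sorted(Path(install_dir).rglob("*")):
        if not f.is_file() or f.suffix.lower() not in CONFIG_EXTENSIONS:
            continue
        # .dat files may be binary, so undecodable bytes are replaced, not fatal.
        text = f.read_text(encoding="utf-8", errors="replace")
        for lineno, line in enumerate(text.splitlines(), 1):
            for match in ABS_PATH.finditer(line):
                hits.append((f.name, lineno, match.group(0)))
    return hits


def screen(app, client_cache_bytes, install_dir=None):
    """Return (blockers, warnings) as lists of (code, detail) for App-V 4.x."""
    blockers, warnings = [], []
    if app.is_internet_explorer:
        blockers.append(("internet-explorer", "sequencing Internet Explorer is not supported"))
    if app.kernel_driver:
        if app.driver_preinstalled_locally:
            warnings.append(("device-driver", "sequence without the driver; it is pre-installed locally"))
        else:
            blockers.append(("device-driver", "kernel-mode device drivers cannot be sequenced"))
    if app.footprint_bytes >= client_cache_bytes:
        blockers.append(("exceeds-client-cache", "footprint must be below the maximum client cache size"))
    elif app.footprint_bytes > PACKAGE_LIMIT:
        blockers.append(("exceeds-4gb-package-limit", "4.x packages are limited to 4 GB"))
    if app.boot_time_service:
        blockers.append(("boot-time-service", "services that start at boot time are not supported"))
    if not app.auto_update_can_be_disabled:
        blockers.append(("auto-update", "the update mechanism cannot be disabled"))
    if app.machine_bound_license and not app.activation_possible_at_first_launch:
        blockers.append(("machine-bound-license", "activation cannot be done at first launch"))
    if app.shortcut_count < 1:
        warnings.append(("no-shortcut", "sequence in a suite with the application that needs it"))
    if install_dir is not None:
        for name, lineno, path in find_hardcoded_paths(install_dir):
            warnings.append(("hard-coded-path", f"{name}:{lineno} {path}"))
    return blockers, warnings


def demo_screen():
    """Screen a constructed candidate against a constructed install directory."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "app.ini").write_text("[paths]\nDataDir=C:\\Acme\\data\n", encoding="utf-8")
        Path(d, "help.txt").write_text("See http://example.test/docs\n", encoding="utf-8")
        app = Candidate("AcmeViewer", footprint_bytes=5 * GB, kernel_driver=True)
        return screen(app, client_cache_bytes=8 * GB, install_dir=d)


if __name__ == "__main__":
    found_blockers, found_warnings = demo_screen()
    for code, detail in found_blockers:
        print("BLOCKER", code, "-", detail)
    for code, detail in found_warnings:
        print("WARNING", code, "-", detail)
```

Office plug-ins and middleware are left to the packager's judgement because the list gives no mechanical test for them.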
Capabilities Specific to Version 5.x:
Version 5.x, in addition to being a redesign, added a number of capabilities not previously available in the 4.x version. 5.0 Service Pack 2 added to these. They include:
• Support for additional integrations. Applications have many ways to provide integration to the operating system and user desktop shell. Previously, only application shortcuts, file type associations, and COM integrations were available for providing the user a native-like experience. Version 5.x, especially with Service Pack 2 and beyond, significantly expanded the types of integrations, called Application Extensions in App-V. In addition to improved Shortcut support, Protocol Handlers, Application Capabilities, Software Clients, App Paths, and a variety of shell extensions, browser helper objects, and Active-X integrations were added. Many of these extensions help overcome the objections to virtualizing complicated applications such as Microsoft Office and plug-ins to Office.
• Application Size. The 4 GB package size limitation is gone. No documented limit exists for App-V 5.x packages.
• Improved Scripting. Dependent components that cannot be virtualized may now be installed locally by the App-V client when needed using the new scripting interface, even when the logged-in user does not have administrative privileges to install software. This includes dependent device drivers.
• Connection Groups: Used when multiple packages need to work together in a single virtual application environment, this replaces the Dynamic Suite Composition added to App-V 4.5. The primary benefit of this redesign is that the Connection Groups are now managed objects at the App-V or Configuration Manager level, rather than hidden modifications made by an administrator.
• Run Virtual: Sometimes virtual applications are started using locally installed components, such as a local web browser using virtualized plug-ins. Previously, virtualizing these applications caused issues for users who had already created their own shortcuts to the local component. Using Run Virtual, the administrator can ensure that any launch of the local component will be virtualized.
3.4 LIMITATIONS IN EXISTING SYSTEM:
3.4.1 Risk involved in cloud computing resource sharing:
• Cloud security: The same security principles that apply to on-site computing apply to cloud computing security. For example: identity management (the personal identifying information needed to access any resource associated with a computer network); detection (identifying real vs. illegitimate activity); encryption (coding information assets to protect data).
• Cloud manageability: The ability to have a consistent view and management capabilities across physical and cloud-based environments. You need a consistent view across both on-premises and cloud-based environments.
• Cloud standards: Cloud standards ensure interoperability, so you can take tools, applications, and virtual images and use them in another cloud environment seamlessly.
• Cloud governance: Governance identifies responsibility for the policies and procedures that need to be followed. Cloud governance requires governing owned infrastructure and infrastructure not owned as well.
• Data in the cloud: Managing data in the cloud requires data security and privacy, including controls for moving data. It also includes managing data storage and the resources for large-scale data processing.
3.4.2 Limitations of Existing Cloud System:
1) Downtime
This may be one of the worst disadvantages of cloud computing. No cloud provider, even the very best, would claim immunity to service outages. Cloud computing systems are internet based, which means your access is fully dependent on your Internet connection. And, like any hardware, cloud platforms themselves can fail for any one of a thousand reasons.
2) Cloud Computing disadvantages: security and privacy
Any discussion involving data must address security and privacy, especially when it comes to managing sensitive data. We mustn’t forget Code Spaces and what happened to it after its AWS EC2 console was hacked and its data eventually deleted, forcing the company to close its doors forever. By leveraging a remote cloud-based infrastructure, a company basically outsources everything it has.
Of course, your cloud service provider is expected to manage and safeguard the underlying hardware infrastructure of a deployment, however remote access is your responsibility and, in any case, no system is perfectly secure. You’ll have to carefully weigh all the risk scenarios.
After the recent leaks of celebrity pictures and countless millions of user login credentials, the privacy of your cloud-based data is another consideration.
3) Cloud Computing disadvantages: vulnerability to attack
In cloud computing, every component is potentially accessible from the Internet. Of course, nothing connected to the Internet is perfectly secure and even the best teams suffer severe attacks and security breaches. But since cloud computing is built as a public service, it’s easy to run before you learn to walk. No one at AWS checks your administration skills before granting you an account: all it takes to get started is a valid credit card.
4) Limited control and flexibility
To varying degrees (depending on the particular service) cloud users have limited control over the function and execution of their hosting infrastructure. Cloud provider EULAs and management policies might impose limits on what customers can do with their deployments. Customers are also limited to the control and management of their applications, data, and services, but not the backend infrastructure. Of course, none of this will normally be a problem, but it should be taken into account.
5) Cloud computing platform dependencies
Implicit dependency, also known as ‘vendor lock-in’, is another of the disadvantages of cloud computing. Deep-rooted differences between vendor systems can sometimes make it impossible to migrate from one cloud platform to another. Not only can it be complex and expensive to reconfigure your applications to meet the requirements of a new host, but migration could also expose your data to additional security and privacy vulnerabilities.
6) Cloud Computing costs
Cloud computing, especially on a small scale and for short-term projects, can be pricey. Though it can allow you to reduce staff and hardware costs, the overall price tag could end up higher than you expected. Until you’re sure of what will work best for you, it’s a good idea to experiment with a variety of offerings. You might also make use of the cost calculators made available by providers like Amazon’s AWS and Google’s GCP.
3.4.3 Limitations in virtualization techniques:
The virtualization components generally used are APP-V and MED-V, both of which have some limitations in the current cloud sharing system. The limitations of both components are listed below.
Limitations of MED-V:
MED-V utilizes client machine resources, and this may be an issue for under-powered hardware. Starting the virtual machine on the client side can take a few minutes; it therefore might be beneficial to set the MED-V preference to leave the virtual machine running for the best user experience.
MED-V requires that you manage an extra operating system, which means extra inventory, patching, antivirus software, and so on. However, MED-V can be managed with the same tools that you use to manage the MED-V host; for example, you can patch the MED-V workspace with Windows Server Update Services (WSUS).
MED-V does not work on a virtualized operating system through virtualized desktop infrastructure (VDI). VDI clients are already virtual, so they cannot host a virtual instance. This means that if you are using VDI for user desktops, you cannot host MED-V.
Limitations of APP-V:
Microsoft Application Virtualization does not support sequencing of device drivers; thus any application which installs a device driver should not be sequenced.
If the maximum client cache size is set for 2 GB (The max can be 64 GB), then the maximum size of application which can be streamed on that machine is 2 GB. All applications which have the installed footprint greater than or equal to the max client size, set by the client, should not be sequenced.
Middleware applications are not good candidates for sequencing, as they can be used as a prerequisite by multiple applications, and thus should be installed locally. But if multiple versions are needed, they should be sequenced along with the application which needs them. It is always advised to have only one version of any application/middleware in the organization, so conditions requiring multiple versions should be avoided. With Version 4.5, most middleware can be sequenced and used as secondary packages.
4. PROPOSED DESIGN
4.1 Introduction:
This chapter covers the research design of ONLINE RESOURCE SHARING SYSTEM, including sampling, working flow of project, architecture of components of virtualization, establishing architecture of the system and required installations for the system.
As described earlier in the report, the system consists of a network interconnected via a server, and its output is the sharing of resources. The design includes components such as APP-V, HYPER-V and MED-V provided by Microsoft. Now let’s see the design of the system.
4.2 Architectural Design of ONLINE RESOURCE SYSTEM:
The design of the ONLINE RESOURCE SHARING system is shown in the diagram. As shown in the diagram, WINDOWS SERVER 2012 is installed on the main PC or machine. The ADDS, DNS and HYPER-V roles are then installed on the main Windows server. DNS is installed automatically after the ADDS role is installed.
Fig.4.1
Then create a virtual machine (VM) with the help of HYPER-V on the main server. After creating the virtual machine, install the IIS role in it. Then install Microsoft’s Application Virtualization (APP-V) component in the virtual machine. After that, install SQL SERVER 2012 in the VM.
Then take one more machine and install WINDOWS SERVER 2012 on it. Again install the HYPER-V role on the server. After that, create a virtual machine running WINDOWS 7. Then install the APP-V sequencer in the WINDOWS 7 virtual machine.
Take another PC as the client for sharing resources. Install WINDOWS 8 on that machine. Then, to access resources, install the APP-V client on the WINDOWS 8 machine.
As a result, the client requests the required resources from the main server and receives them from it. The process goes as follows: first the WINDOWS 8 client requests an application or any other resource from the main WINDOWS SERVER 2012. The server responds to that request by sharing the resources using the APP-V sequencer. As a result, the client gets the requested resources from the server.
4.3 Design of virtualization components:
4.3.1 Design of APP-V:
App-V is application streaming software from Microsoft that delivers applications to Windows desktops without installing them. Formerly SoftGrid from Softricity, which Microsoft acquired in 2006, App-V can be used stand-alone or with Windows Server Remote Desktop Services (RDS), but unlike the RDS modes, App-V applications are not installed in the server. They are installed once on a reference computer and “published” to the client as a package.
Below is the APP-V architecture (it can be broken down into the models listed below, as per the requirements of the project/infrastructure).
Here I will discuss what application virtualization is, its advantages, infrastructure, architecture, design flow, and models. I won’t discuss setting up a virtualization infrastructure, since that requires a dedicated approach via online or classroom training, but questions are welcome.
Application virtualization makes it possible to make an application available to the end user in a managed way, without actually installing it on the end-user machine and without conflicts with other applications.
Fig.4.2
The first step involves publishing the application, consisting of delivering the shortcuts and file type associations, package definition information, and content source location to each computer with the App-V client installed.
In the second part, the packaged virtual applications are deployed to the workstation or terminal server. Alternatively, in an MSI deployment, the publishing information and deployment are combined in a single step.
App-V provides three methods for deploying application virtualization:
Option 1: Standalone Model via sequencing and client
Allows virtual applications to be MSI-enabled for distribution without streaming.
Option 2: Streaming Model using the native streaming capabilities of App-V
Offers application streaming without requiring Active Directory or a database, and enables administrators to stream from existing servers or via System Center Configuration Manager 2007 SP1 with R2 distribution points.
Option 3: Full Infrastructure Model provides software distribution, management, and reporting capabilities (includes application streaming)
Provides for built-in software distribution, management, and reporting capabilities; it also includes application streaming.
4.3.2 Design of MED-V:
Microsoft Enterprise Desktop Virtualization (MED-V) is software that facilitates the deployment of Windows XP Mode in a company (running XP within a Windows 7 PC). It integrates with Microsoft’s System Center Configuration Manager (SCCM) to manage the distribution of XP Mode to multiple users. The architecture of MED-V is as shown in the figure.
MED-V includes several components that combine together to provide a solution to manage the creation, testing, provisioning, maintenance, and troubleshooting of virtual machines from a central location. The main MED-V components include:
• MED-V Management Server
• MED-V Management Console
• MED-V Image Repository Server
• MED-V Client
• Virtual PC 2007
MED-V Management Server
The MED-V management server provides the centralized management of VMs stored in the MED-V image repository and deployed VMs. It also maintains the mappings between VMs, usage policies, and the Active Directory (AD) users and groups to which they are assigned. Using Active Directory Domain Services (ADDS), the MED-V management server enables provisioning of VMs based on user or group membership, as well as enabling user authentication prior to VM access. MED-V clients also connect to the MED-V management server to authenticate and retrieve up-to-date usage policy.
In addition, the MED-V management server enables aggregation of client events that it maintains in an external SQL Server, and that are used to monitor and report on client status.
Fig.4.3
MED-V Management Console
The MED-V management console is the graphical user interface (GUI) through which administrators gain access and interact with the MED-V management server and MED-V image repository. The MED-V management console enables administrators to update usage policies, provision MED-V workspaces to users and de-provision existing users, as well as create, manage, update, or delete images stored in the MED-V image repository. Image updates are automatically distributed to relevant users when they work online.
MED-V Image Repository Server
The MED-V image repository server is an IIS Server which stores VMs and enables VM versioning, as well as VM retrieval and distribution using Trim Transfer technology. Trim Transfer technology provides a mechanism to eliminate the transfer of data that is identical between the VM image and the destination desktop. In addition, when an updated VM image is delivered, only the data that has changed will be transferred to the destination desktop.
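The effect described here, sending only data the destination does not already hold, can be illustrated with fixed-size blocks and SHA-256 digests. This Python sketch is an added example and is not Microsoft's Trim Transfer implementation; the block size, function names and sample data are assumptions, and it assumes the digest manifest reaches the client over an authenticated channel.

```python
import hashlib

BLOCK_SIZE = 4096  # assumed block size for this illustration


def block_digests(data, block_size=BLOCK_SIZE):
    """Manifest of an image: the SHA-256 digest of each fixed-size block."""
    return [hashlib.sha256(data[i:i + block_size]).digest()
            for i in range(0, len(data), block_size)]


def index_local_blocks(local_files, block_size=BLOCK_SIZE):
    """Map digest -> block bytes for data already on the destination desktop."""
    index = {}
    for data in local_files:
        for i in range(0, len(data), block_size):
            block = data[i:i + block_size]
            index.setdefault(hashlib.sha256(block).digest(), block)
    return index


def assemble(manifest, local_index, fetch_block):
    """Rebuild the image from local blocks, fetching only the missing ones.

    Every fetched block is checked against the manifest digest, so a block
    corrupted or swapped in transit is rejected instead of being written.
    Returns (image bytes, list of block indexes that were fetched).
    """
    image = bytearray()
    fetched = []
    for i, digest in enumerate(manifest):
        block = local_index.get(digest)
        if block is None:
            block = fetch_block(i)
            if hashlib.sha256(block).digest() != digest:
                raise ValueError(f"block {i} failed its integrity check")
            fetched.append(i)
        image += block
    return bytes(image), fetched


def demo_transfer():
    """Initial delivery and one update, using constructed 4 KiB blocks."""
    def blk(tag):
        return bytes([tag]) * BLOCK_SIZE

    def server_for(image):
        return lambda i: image[i * BLOCK_SIZE:(i + 1) * BLOCK_SIZE]

    # First delivery: the desktop already holds blocks 2 and 4 in other files.
    image_v1 = blk(1) + blk(2) + blk(3) + blk(4)
    desktop = index_local_blocks([blk(2) + blk(9), blk(4)])
    local_v1, fetched_v1 = assemble(block_digests(image_v1), desktop, server_for(image_v1))

    # Update: only the third block changed, so only that block is fetched.
    image_v2 = blk(1) + blk(2) + blk(7) + blk(4)
    desktop = index_local_blocks([local_v1])
    local_v2, fetched_v2 = assemble(block_digests(image_v2), desktop, server_for(image_v2))
    return fetched_v1, fetched_v2, local_v2 == image_v2


if __name__ == "__main__":
    print(demo_transfer())
```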
MED-V Client
The MED-V client component is installed on the desktop client machines. The MED-V client is used to connect and authenticate to the MED-V management server, which in turn queries AD for access control and security policy settings. Following completion of the authentication process, the MED-V client retrieves up-to-date usage policy from the MED-V management server and retrieves VM image data from the MED-V image repository. The MED-V client is also responsible for customizing the VM based on policy, as well as initiating, suspending and terminating a VM session within the Virtual PC 2007 environment.
Virtual PC 2007 SP1
Virtual machines provisioned to a MED-V client run in Virtual PC 2007 SP1 (which requires the hotfix rollup package contained in KB958162). Virtual PC 2007 SP1 is a hosted virtualization platform that runs on top of a defined set of Windows operating systems, providing support for 32-bit guest VMs.
Virtual PC 2007 SP1 also supports hardware-assisted virtualization, but does not require it. Hardware-assisted virtualization is configurable on an individual VM basis. Virtual PC 2007 SP1 is a free download available on the Microsoft website.
5. IMPLEMENTATION AND EXPERIMENTAL RESULT
In this chapter I will show how to install WINDOWS SERVER 2012, the different ROLES on the server such as ADDS, DNS and IIS, and APP-V and the APP-V SEQUENCER.
Once WINDOWS SERVER 2012 is installed, we need to install roles on the main server. For this, let’s see the screenshots captured during the installation of the ROLES. ADDS, DNS and IIS were then installed on the main server.
Implementation of Roles:
Open server manager to install roles on server
Open Dashboard and click on Add Roles and features
Click NEXT
Click NEXT
Select role and click NEXT
Implementation of ADDS:
From the roles list select the “Active Directory Domain Services” role and Click “Next”
Select .NET Framework 3.5 and click NEXT
It will take a few minutes to complete, and when it’s done you will get this confirmation. Then click on Close.
Now Configure ADDS, open Deployment and configuration wizard and click NEXT.
Set the password and click NEXT
Click on NEXT
Last step is to click install.
It takes some time, and after installation it will appear as shown below.
Implementation of DNS:
Before you start to configure your DNS, you must gather some basic information. Internic must approve some of this information for use on the Internet, but if you are configuring this server for internal use only, you can decide what names and IP addresses to use.
You must have the following information:
• Your domain name (approved by Internic).
• The IP address and host name of each server that you want to provide name resolution for.
Note: The servers may be your mail servers, public access servers, FTP servers, WWW servers.
Before you configure your computer as a DNS, verify that the following conditions are true:
• Your operating system is configured correctly. In the Windows Server 2003 family, the DNS service depends on the correct configuration of the operating system and its services, such as TCP/IP. If you have a new installation of a Windows Server 2003 operating system, then you can use the default service settings. You do not have to take additional action.
• You have allocated all the available disk space.
• All the existing disk volumes use the NTFS file system. FAT32 volumes are not secure, and they do not support file and folder compression, disk quotas, file encryption, or individual file permissions.
Open local server from server manager, then select TASK and choose DNS.
Select new zone from Forward lookup zone in DNS Manager.
Click on next.
Click on next.
Select new zone from DNS manager.
Click on NEXT.
On the Completing the Configure a DNS Wizard page of the Configure a DNS Wizard, you can click Back to change any of the settings. To apply your selections, click Finish.
Implementation of IIS:
Implementation of APP-V:
Click on appv_server_setup.exe
1. Accept the License
2. Select No for Updates
3. Select Management Server, Publishing Server and Reporting Server
4. Select Installation Location
5. Enter Management Database Location
6. Create New Management Server Database
7. Enter Reporting Database Location
Click on close after installation complete.
Implementation of APP-V Sequencer:
The following steps are done in the installation of the APP-V Sequencer.
1. Copy the App-V sequencer installation files to the computer on which it will be installed. Double-click appv_sequencer_setup.exe and then click Install.
2. On the Software License Terms page, you should review the license terms. To accept the license terms select I accept the license terms. Click Next.
3. On the Use Microsoft Update to help keep your computer secure and up-to-date page, to enable Microsoft updates select Use Microsoft Update when I check for updates (recommended). To disable Microsoft updates from running select I don’t want to use Microsoft Update. Click Next.
4. On the Customer Experience Improvement Program page, to participate in the program select Join the Customer Experience Improvement Program. This will allow information to be collected about how you are using App-V. If you don’t want to participate in the program select I don’t want to join the program at this time. Click Install.
5. To open the sequencer, click Start and then click Microsoft Application Virtualization Sequencer.
Run setup and click on create package.
Give name and click on next.
Configure it and give path.
Launch sequencer and then click on next.
Package is displayed with given name.
CONCLUSION & FUTURE EXTENSIONS
From the above study we can conclude that the main issues in a resource sharing system are the speed of sharing and the security management of users, which can be addressed by using virtualization techniques and identity management. So my identity management system will solve the security issues of the resource sharing system, and virtualization techniques will improve the speed and storage allocation of shared resources.
As future work on my project, I will work on the Desktop Virtualization component MED-V and on identity management through user certificate generation for accessing shared resources securely.
- Published: 29 June 2016*
- Last Modified: 29 September 2024
Essay Sauce, Online Resource Sharing. Available from:<https://www.essaysauce.com/computer-science-essays/online-resource-sharing/> [Accessed 19-12-24].
* This essay may have been previously published on EssaySauce.com and/or Essay.uk.com at an earlier date than indicated.