
Module 3

The document provides an overview of cloud storage infrastructure, covering its definition, components, types, and characteristics. It discusses the role of cloud storage in business continuity, emphasizing data backup, replication, and disaster recovery strategies. Additionally, it addresses information security principles, threats, vulnerabilities, and management of virtual data centers (VDC) in cloud environments.

Uploaded by

Vinay Adari

Cloud Storage: Infrastructure, Security & Management

Dr. Srividhya G

Agenda
• Introduction to Cloud Storage Infrastructures
• Ensuring Business Continuity with Cloud Storage
• Basic Concepts of Information Security in Cloud Environments
• Managing Virtual Data Centers (VDC) and Cloud Environments
• Securing Storage in Virtualized and Cloud Infrastructures
• Monitoring, Management, Security Auditing, and SIEM
• Storage Network Design, Architecture, Analysis and Planning

Cloud Storage Infrastructure

Defining Cloud Storage

Definition

Cloud storage infrastructure refers to a collection of hardware and software resources that provide data storage services over the internet. It enables users and organizations to store, access, and manage data remotely without relying on local storage devices.

Key Components
1. Storage Servers
Physical servers where data is stored.

2. Virtualization Layer
Abstracts physical storage into virtual storage pools.

3. Network Infrastructure
Connects users to cloud storage through the internet.

4. Management Software
Controls storage allocation, monitoring, and security.

Types of Cloud Storage

Object Storage
Stores data as objects with metadata (used in cloud services).

Block Storage
Stores data in fixed-size blocks (used in databases).

File Storage
Stores data in file format with hierarchical structure.

Characteristics

• Scalability: Storage can be increased or decreased easily
• High Availability: Data is accessible anytime
• Elasticity: Resources are dynamically allocated
• Pay-as-you-use: Users pay only for what they use

Working of Cloud Storage

1. User uploads data via internet
2. Data is stored in distributed data centers
3. Data is replicated for reliability
4. User can access data anytime from any location

Advantages

• Reduced infrastructure cost
• Easy data access
• Automatic backup and recovery
• Supports large-scale data storage

Example

Services like Amazon S3 provide scalable cloud storage where users can store and retrieve data from anywhere.

Types of Cloud Storage Solutions
Public Cloud
Multi-tenant resources accessible via the internet. Providers include AWS, Azure, and Google Cloud. Ideal for scalability and cost efficiency.

Private Cloud
Dedicated infrastructure for a single organization. Offers enhanced control, security, and customization.

Hybrid Cloud
Combines public and private cloud. Optimizes cost, flexibility, and compliance for diverse workloads.

Object Storage
Stores unstructured data such as images, videos, and backups. Highly scalable and suitable for big data analytics.

File Storage
Shared file systems for collaborative access. Used for applications requiring hierarchical file structures.

Block Storage
Provides raw storage volumes for databases and transactional systems. Offers high performance and low latency.

Cloud Storage: Benefits & Challenges

Strengths
Cost savings, scalability, improved accessibility, and simplified management are key strengths of cloud storage adoption.

Weaknesses
Data security concerns and latency issues are notable weaknesses organizations must address.

Opportunities
Leveraging flexible pricing and dynamic workloads presents opportunities for business growth and efficiency.

Threats
Regulatory compliance challenges and potential vendor lock-in pose ongoing threats to cloud storage adoption.

Business Continuity with Cloud Storage

Business continuity
Business continuity refers to the ability of an organization to continue its critical operations during and after a disruption such as hardware failure, cyber attack, or natural disaster.

Cloud storage plays a key role by providing reliable, remote, and scalable data storage and recovery solutions.

Role of Cloud Storage in Business Continuity
Cloud storage ensures:
• Data availability even during failures
• Remote access to data from anywhere
• Automatic backup and recovery
• Reduced downtime

Key Mechanisms

1. Data Backup
• Data is regularly backed up to the cloud.
• Prevents data loss in case of system failure.

2. Data Replication
• Data is copied across multiple cloud servers or locations.
• Ensures availability even if one server fails.

3. Disaster Recovery (DR)
• Systems and data can be quickly restored from cloud storage.
• Reduces recovery time.

4. High Availability
• Cloud providers ensure continuous system operation using distributed infrastructure.

5. Scalability
• Storage capacity can be increased during emergencies without hardware limitations.

Strategies for Disaster Recovery
01 Data Replication
Replicate data across multiple, geographically dispersed data centers to ensure redundancy and availability.

02 Automated Backups
Schedule regular, automated backups to minimize manual intervention and reduce risk of data loss.

03 Recovery Testing
Conduct frequent recovery drills to validate disaster recovery plans and ensure readiness.

04 RTO & RPO Metrics
Monitor Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) to align with organizational SLAs.

05 Continuous Improvement
Regularly review and update disaster recovery strategies to adapt to evolving threats and technologies.

Breakdown of Terms

• RTO (Recovery Time Objective): The maximum acceptable time to restore a system after a failure. (e.g., system must be restored within 2 hours)
• RPO (Recovery Point Objective): The maximum acceptable data loss, measured in time. (e.g., data loss should not exceed 30 minutes)
• SLA (Service Level Agreement): A formal agreement that defines expected service performance (uptime, recovery time, etc.).

Example

If SLA states:
• RTO = 1 hour
• RPO = 15 minutes
Then the organization must ensure:
• System recovery happens within 1 hour
• Data loss does not exceed 15 minutes

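
Added example, not part of the original slides: a Python check of one incident or recovery drill against the SLA figures above (RTO = 1 hour, RPO = 15 minutes). The backup log format, timestamps and function names are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# SLA targets from the slide's example: RTO = 1 hour, RPO = 15 minutes.
SLA_RTO = timedelta(hours=1)
SLA_RPO = timedelta(minutes=15)

def evaluate_recovery(backups, failure_at, restored_at,
                      rto=SLA_RTO, rpo=SLA_RPO):
    """Compare one incident or recovery drill against the SLA.

    backups: list of (completed_at, succeeded) tuples; only successful
    backups completed at or before the failure can be restored from.
    """
    usable = [t for t, ok in backups if ok and t <= failure_at]
    # Everything written after the last usable backup is lost.
    data_loss = failure_at - max(usable) if usable else None
    downtime = restored_at - failure_at
    return {
        "data_loss": data_loss,
        "downtime": downtime,
        "rpo_met": data_loss is not None and data_loss <= rpo,
        "rto_met": downtime <= rto,
    }

def worst_case_rpo(backups):
    """Largest gap between consecutive successful backups: the most data
    lost if a failure hits just before the next backup completes."""
    times = sorted(t for t, ok in backups if ok)
    gaps = [b - a for a, b in zip(times, times[1:])]
    return max(gaps) if gaps else None

# Constructed sample: a 10-minute backup schedule with one failed job.
day = datetime(2024, 1, 1)
BACKUPS = [
    (day.replace(hour=9, minute=0), True),
    (day.replace(hour=9, minute=10), True),
    (day.replace(hour=9, minute=20), False),  # failed job
    (day.replace(hour=9, minute=30), True),
]

if __name__ == "__main__":
    report = evaluate_recovery(BACKUPS, day.replace(hour=9, minute=28),
                               day.replace(hour=10, minute=15))
    print(report)
    print("worst-case gap:", worst_case_rpo(BACKUPS))
```

In the sample, the 10-minute schedule looks safe against a 15-minute RPO, but the single failed job leaves an 18-minute data-loss window, so the RPO is missed while the RTO is met.
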
Example

• A company stores its data in Amazon S3.

If the local server crashes:
• Data is retrieved from the cloud
• Systems are restored quickly
• Business operations continue with minimal interruption

Advantages

• Reduced data loss
• Faster recovery time
• Cost-effective solution
• Improved reliability
• Supports remote work and access

Role of Cloud Storage in BCP
99.9%: Average uptime achieved by businesses using cloud storage for continuity planning.

Cloud Security: Basic Concepts

Basic Concepts of Information Security
Information Security in cloud computing focuses on protecting data, applications, and
infrastructure from unauthorized access, misuse, and attacks. In cloud environments, security is
critical because data is stored remotely and accessed over networks.

1. CIA Triad (Core Security Principles)

a) Confidentiality
Ensures that only authorized users can access data.
Techniques:
• Encryption
• Access control
• Authentication mechanisms

b) Integrity
Ensures that data remains accurate, consistent, and unaltered.
Techniques:
• Hash functions
• Digital signatures
• Data validation

c) Availability
Ensures that data and services are available when required.
Techniques:
• Backup systems
• Redundancy
• Disaster recovery mechanisms

2. Authentication and Authorization

Authentication
• Verifies the identity of users or systems
• Example: Passwords, biometrics

Authorization
• Determines access rights and permissions
• Example: Role-Based Access Control (RBAC)

3. Data Protection Mechanisms
• Encryption: Protects data during storage and transmission
• Secure communication protocols: Ensure safe data transfer
• Data isolation: Prevents access between different users (multi-tenancy security)

4. Threats, Vulnerabilities, and Risks
• Threat: Potential attack (e.g., malware, hacking)
• Vulnerability: Weakness in the system
• Risk: Probability of damage due to threats exploiting vulnerabilities

5. Security in Cloud Environments
• Data is stored in remote servers, increasing exposure
• Requires strong access control and encryption
• Shared resources demand multi-tenant security
• Continuous monitoring and auditing is essential

6. Compliance and Policies
• Organizations must follow security policies and standards
• Ensure compliance with regulations and industry practices

Core Security Principles

Confidentiality
Ensures sensitive data is accessible only to authorized users, preventing unauthorized disclosure.

Integrity
Guarantees data accuracy and consistency, protecting against unauthorized modification.

Availability
Ensures systems and data are accessible when needed, minimizing downtime.

Authentication
Verifies the identity of users or systems before granting access.

Authorization
Determines what authenticated users are allowed to do within the system.

Non-repudiation
Provides proof of actions and transactions, preventing denial of involvement.

Cloud Storage: Threats & Vulnerabilities

Threats
Data breaches, insider threats, misconfigured buckets, account hijacking, and DDoS can expose sensitive data and disrupt services.

Vulnerabilities
Shared multi-tenant infrastructure, lax access controls, and weak encryption increase exposure to exploitation; misconfigurations drive many breaches.

Impacts
Loss of data, financial damage, reputational harm, and regulatory penalties—severity varies by incident scope and duration.

Mitigation Strategies
Enforce strong access controls, encrypt data, run regular audits, and monitor proactively—prioritize fixing misconfigurations (over 50% of breaches).

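
Added example, not part of the original slides: one way to run the regular audit for misconfigurations called for above, written in Python over an exported bucket inventory. The inventory record format, bucket names and function names are hypothetical; the policy fields follow the Amazon S3 bucket policy grammar.

```python
import json

def _as_list(value):
    """A policy field may hold one value or a list of values."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def audit_bucket(cfg):
    """Findings for one record of a hypothetical inventory format:
    name, policy (JSON text or None), encryption (name or None), logging."""
    findings = []
    policy = json.loads(cfg["policy"]) if cfg.get("policy") else {}
    for st in _as_list(policy.get("Statement")):   # one object or a list
        principal = st.get("Principal")
        anyone = principal == "*" or (
            isinstance(principal, dict) and "*" in _as_list(principal.get("AWS")))
        # Allow to everyone with no Condition means the bucket is public.
        if st.get("Effect") == "Allow" and anyone and not st.get("Condition"):
            findings.append("public access: " + ", ".join(_as_list(st.get("Action"))))
    if not cfg.get("encryption"):
        findings.append("no encryption at rest")
    if not cfg.get("logging"):
        findings.append("access logging disabled")
    return findings

def audit_inventory(inventory):
    """Map bucket name -> findings, listing only buckets with problems."""
    return {c["name"]: f for c in inventory if (f := audit_bucket(c))}

# Constructed sample inventory (bucket names and policies are made up).
PUBLIC_READ = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-reports/*"}})
CONDITIONAL = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"AWS": "*"},
    "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::example-internal/*",
    "Condition": {"IpAddress": {"aws:SourceIp": "192.0.2.0/24"}}}]})
INVENTORY = [
    {"name": "example-reports", "policy": PUBLIC_READ, "encryption": None, "logging": False},
    {"name": "example-internal", "policy": CONDITIONAL, "encryption": "AES256", "logging": True},
    {"name": "example-archive", "policy": None, "encryption": "aws:kms", "logging": False},
]

if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY).items():
        print(name, findings)
```

Statements that carry a Condition are not flagged as public here and still need manual review, since a condition can be too broad to restrict anything.
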
Managing VDC and Cloud Environments
• Overview of VDC Management
• Provisioning and Scaling Cloud Resources
• Cloud Infrastructure Lifecycle Management

Overview of VDC Management

What a VDC provides
VDCs abstract physical hardware into flexible pools of compute, storage, and networking for rapid provisioning and change.

How management tools help
Centralized control supports resource allocation, performance monitoring, and security policy enforcement across tenants and workloads.

Market direction
Enterprises are shifting toward VDCs to improve agility while optimizing infrastructure utilization and cloud spend.

Key Concepts in Managing VDC

a) Virtualization
• Core technology behind cloud and VDC
• Enables multiple OS and applications on one physical server
• Improves utilization and flexibility

b) Resource Pooling
• Resources (CPU, memory, storage) are pooled
• Dynamically allocated based on demand

c) Multi-tenancy
• Multiple users share the same infrastructure securely
• Important for SaaS applications

What is VDC?

VDC (Virtual Data Center) is a pool of virtualized resources such as:
• Virtual machines (VMs)
• Storage
• Networking

It is created using virtualization technology, which separates software from hardware.

Each user or application feels like they have a dedicated system, even though resources are shared.

Cloud Environment Management
Managing cloud involves handling:

a) Infrastructure Management (IaaS)
• Provisioning virtual servers (e.g., EC2-like systems)
• Managing storage and networking
• Automated through dashboards or APIs

b) Platform & Application Management
• Deploying applications using cloud platforms
• Using Dev 2.0 tools for rapid development

c) Data Management
• Cloud uses distributed data stores (not traditional DBs)
• Different consistency and performance models

d) Workload Management
• Handling large-scale processing using:
  • MapReduce
  • Parallel computing
• Ensures fault tolerance in large clusters

Key Management Functions

Provisioning
• Creating and allocating VMs dynamically

Monitoring
• Tracking performance, usage, failures

Security & Governance
• Access control, encryption, compliance

Scalability
• Auto-scale resources based on demand

Cost Management
• Pay-as-you-use model
• Optimize resource usage

Challenges in Managing Cloud/VDC

• Security risks
• Vendor lock-in
• Data consistency issues
• Managing multi-cloud environments

Simple Diagram (Concept)

Users

Cloud Interface (Portal/API)

VDC (Virtual Layer)
├── Virtual Machines
├── Virtual Storage
└── Virtual Network

Physical Data Center (Servers, Storage)

Cloud Infrastructure Lifecycle Management
Planning
Define requirements, select cloud services, and establish governance policies for upcoming workloads.

Deployment
Provision resources, configure environments, and automate initial setup using infrastructure-as-code.

Monitoring
Implement continuous monitoring and logging to track performance, security, and compliance.

Optimization
Analyze usage data, apply predictive analytics, and adjust resources for cost and performance efficiency.

Maintenance
Perform updates, patching, and proactive maintenance to ensure reliability and security.

Decommissioning
Retire unused resources, archive data, and ensure secure disposal in compliance with policies.
