This article introduces the cloud computing system (CCS), discussing the overall benefits and risks with the fundamental principles. A discussion of the three main cloud delivery models takes place, and the inclusion of comparisons with links back to the CCS principles, including a case study, progressing for each model, to provide an applied example summarising all of the discussed aspects, highlighting key differences and requirements.
Cloud computing systems improve on the long-established distributed computer systems (DCS) model. With computing provided as a service rather than a product, CCS is an environment designed for remotely provisioning scalable and measured IT resources. With these services, including data processing and storage, CCS enables users to access and utilise them, metered and on-demand, over a network without requiring any specialised physical hardware or infrastructure. There are three main types of cloud delivery architecture models allowing for easy and cost-effective scalability of IT resources, each with a differing level of control and responsibility that the cloud service provider (CSP) and the customer have over the underlying infrastructure and software.
CCS introduces three main benefits over the traditional DCS, improvements in capacity planning, where services are provisioned correctly with flexibility without leading to inefficiency or insufficiency, and improvements in cost reductions, with defined limits for the ongoing ownership costs of infrastructure to allow for cost-effective growth, and finally, improvements in agility, with the ability to scale services vertically and horizontally to adapt and evolve in response to internal and external pressures. The fundamental characteristics of CCS are the following:
As mentioned, CCS introduces services, which are resources remotely accessible via the cloud, ranging from web-based programs (web services) to remote access points for admin tools (virtual servers). By implementing usage metering, the focus shifts to what the consumers want rather than how they get it, therefore, paying for only what they use. Hence the utility service provisioning model, where the CSP makes infrastructure and resources available to the customers, and customers pay for computing, storage, and network resources. The Service-oriented Architecture (SOA) best defines this approach, where software design involves services as modular, reusable, and loosely coupled software components that can be accessed and used by other software applications or services. The development of services takes place with independence and self-containment in mind in SOA, with their functionalities exposed through well-defined interfaces, such as HTTP and RESTful APIs.
The reliance on a CSP opens the need for a contractual agreement between the consumer and provider. The service- level agreement (SLA) best describes this. Using measurable metrics such as uptime, response time and availability, the SLA can define a scope of services, performance metrics, responsibilities and penalties for any breaches, allowing for the CSP to benefit by optimising infrastructure to meet the agreement and also helping the customer benefit by reducing the level of uncertainty with the process.
With CCS, users can experience a reduced investment and proportional cost due to the required reduction to build and maintain infrastructure. Furthermore, improvements in scalability are present due to the SOA, thus further improving availability and reliability. However, there are risks to consider. There will be an increase in potential security vulnerabilities as a result of the share of responsibility with a third-party CSP whose priorities may differ from yours. There becomes a reduced level of operational control due to the offload of infrastructure to the CSP, further causing limited portability between CSPs due to proprietary infrastructure solutions. And finally, the ability of location flexibility can cause multi- regional compliance issues, where various laws may differ, resulting in higher costs to enforce.
The traditional machine architecture consists of apps and libraries installed on the base OS, which results in single hardware, single OS, and shared binary/libraries with poor isolation and security. Virtualisation can help eliminate this issue with a hypervisor layer responsible for many realisations of guest OSes. By allowing for the deployment of multiple instances of multiple services, vertical scaling is made possible by tweaking the hardware allocation of each guest.
Figure 1: Virtualisation With Hypervisor Architecture
Virtualisation with hypervisors, shown in Figure 1, is com- mon at datacentres to allocate and manage instance resources and to deploy more than one guest to a single server. Cloud management systems, such as the Azure Fabric Controller [1], can select which server to run a particular VM on, assign how many VMs to run on a single server and designate resources based on some roles/role instances with upgrade and fault domains specified by the app. It is a requirement that the users of each app in different VMs must not notice each other despite running on the same hardware. However, they may do if performance is affected by another VM. Fabric Controllers monitor the health of each VM and each physical machine through the heartbeat of the host agent or by polling the host agent to check for the physical machine status [2]. The host agent monitors the guests and can restart them upon receiving no response. Guest agents can report issues to the host and reboot the roles that terminate.
Docker is an open-source containerisation platform to pack- age apps, file systems, parameters, and metadata with a Dockerfile into a so-called Image. Docker Hub is a registry service on the cloud allowing users to upload their own Docker Images and download third-party or own images.
Figure 2: Basic Containerised Architecture
Figure 3: Advanced Containerised Architecture
Containerisation with Docker can help add another virtualisation layer, making it a faster, safer, and highly efficient solution than traditional VMs. With the images housing the app, all libraries, dependencies, and the data, they form a single and easy-to-manage package a Docker container can utilise to initialise to a running state in seconds. Users of containerisation will experience a higher level of modularity in their deployments, as they can containerise parts of a single service, as shown in Figure 2. Users can take one step further by implementing containers over a hypervisor, as seen in Figure 3, for added control and redundancy.
Containers are lightweight and can share libraries with other instances to benefit start-up speeds. They allow us to fit many more services and realisations on a single host. As images are ephemeral, distributing them is effortless across clouds, enabling deployment over multiple hosts regardless of location and seamless replication without data loss for scalability. However, there are some disadvantages to consider, the main one being the difficulty in isolating multiple containers in the same OS instance, resulting in security concerns, and ports and IP addresses are not quite as simple to manage as it is for VMs, and it can get quite confusing when implementing multiple layers of virtualisation on top of VMs.
Often abbreviated to K8s, Kubernetes is a portable, extensible, open-source platform for managing containerised workloads and services that facilitates declarative configuration and automation [3]. Pods house one or many containers, a Pod being the smallest deployable unit, such as a single instance of an app. Pods can share persistent storage volumes, and shared storage volumes are accessible by all containers in a single Pod.
As each Pod is a single instance of a particular app, we can use multiple pods by replication to achieve horizontal scaling. The Pod Controller creates and manages replicated Pods. With each Pod being transient and disposable, they will continue their process until termination, a failure, or lack of resources, and they cannot heal themselves. The ReplicationController RC) handles the creation, replication, rollout, and Pod self-healing at a cluster level [4]. The RC manages the Pod population by creating/terminating to maintain the specified number. The RC is crucial for autoscaling, rolling-out updates, and supporting multiple releases. K8s Deployments, a higher-level API replacement to the RC, provides declarative updates for Pods and ReplicaSets, enabling rolling update functionality [5].
There are three main threats in cloud computing systems:
These threats induce risks when deploying and maintaining a cloud model:
With the addition of anti-virus software on both the service and the client side, we can mitigate the risk of malware. Similarly, mitigating the risk of system breaches and DDoS attacks is possible by implementing firewall technologies. Cloudflare is a popular cloud cybersecurity provider that provides many solutions, such as DDoS mitigation and global firewall rules [6].
Software vulnerability mitigation on the consumer side is straightforward as they have control over it, unlike the CSP infrastructure. The necessity to trust and rely on the CSP security guidelines induces a third-party risk.
There are two fundamental blueprints to help understand the construction and practicability of the cloud, the deployment models, and the service models.
Public | Private | Community | Hybrid | |
---|---|---|---|---|
Scope of Service | Open for General Public and Large Industrial group: system and services are easily accessible to general public on demand | Open for licensed users, single organization: services & accessibility of cloud infrastructure is exclusively available within organization or owned persons | Open for community users that have shared concerns (mission, security, policy etc.) | Open for general public & licensed users |
Ownership | Always Third-Parties (CSPs) | Single Organisations | Single Organisations | Single Organisations |
Management | Always Third-Parties (CSPs) | Single Organisations or CSPs | Serveral Organisations or CSPs | Single Organisations or CSPs |
Location | Off-Premise | On or Off-Premise | On or Off-Premise | On or Off-Premise |
Table 1: Summary of the Deployment Models [7]
The cloud deployment model identifies the specific type of cloud environment based on ownership, scale, access, and the nature and purpose of the cloud [8]. It specifies the location of the servers, who controls them, what the infrastructure will look like, and what you can change. There are four main categories of cloud, each summarised in Table I.
Also known as the service models, they are commonly used to represent a set of pre-packaged IT resources provided by a CSP. The three main models are infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS), and software-as-a-service (SaaS). The following sections will study the three models using available design choices and possible challenges.
Like building a house, the consumer constructs and manages the software and hardware resources, such as hardware specifications of the virtual server, network, OS, and any software in it. Resources will appear virtual and abstracted so consumers can only see an interface and not the physical entities. Consumers are responsible for configuring and utilising the infrastructure as resources are not pre-configured.
IaaS enables a highly controllable and configurable platform which allows the deployment of entire enterprise infrastructures. It is highly scalable as virtual server upgrades are easily possible by adding more RAM, vCPUs, and disk space. With DigitalOcean Droplets (a VPS offering), you can scale up with just a few clicks via the web portal [9]. Pricing is also quite flexible as providers only charge a fixed cost for the number of hours a virtual private server (VPS) is on. CSPs monitor and maintain hardware so there will be fewer failure points as they will support redundancy and other fail-safes to enforce SLA.
Unfortunately, there are a few drawbacks to IaaS. Significant configuration is required, inducing the need to invest in specialised personnel to set up and maintain. Although it is cheap to purchase IaaS offerings from CSPs, it becomes more expensive to run. Furthermore, a less than full utilisation of a VPS induces wasted costs.
Consider a business that sells Disney Licensed merchandise, such as Star Wars and The Mandalorian action figures. A brick-and-mortar company that somewhat suffered during the COVID-19 pandemic, they want to take their business online to open their customer base worldwide. Luckily the Assistant Store Manager, Olaf, has been learning Python, the Django Web Framework, and various skills required for cloud computing, enabling him to develop, deploy and maintain an e-commerce website. Olaf proposes the idea of building a website on an IaaS model to the owner of the business, Elsa, bringing up the highly controllable and scalable characteristics, making running costs cheaper. However, there is a need for a higher workload to maintain this infrastructure. Elsa agrees with the proposal, and Olaf starts building the website.
Olaf opts to deploy the containerised web app, PostgreSQL database, and Nginx reverse proxy on an AWS Lightsail instance [10]. Olaf chooses the 0.5GB Lightsail bundle with 1vCPU, 512MB RAM, 20GB SSD, and the Lightsail Object Storage. Equivalent to the AWS S3 buckets, Lightsail Object Storage comes bundled with the Lightsail instance and is cheaper. Olaf also selects the Lightsail CDN (Content Delivery Network) to distribute project assets such as images across multiple worldwide datacentres to reduce webpage load times.
Olaf initiates a Lightsail Object Storage bucket for the deployment to host all the project assets, such as CSS and image files. He opts for object storage rather than storing directly on the Lightsail instances to take advantage of the global CDN and mitigate the risks of overfilling the VPS storage drive. With the deployment of the website, Elsa began to shift customers from brick-and-mortar to online. As more users began to load the website, a few problems came to light. There was a massive slowdown of the website, and upon troubleshooting, Olaf found that the Lightsail instance was not powerful enough to host the entire website. He restructured the architecture, as one easily can with IaaS, by instantiating additional 0.5GB instances. Olaf used 1 VPS to deploy the database container and the other 3 for the web app with reverse proxy. He utilised Kubernetes for the container orchestration enabling a load-balanced container cluster across the three Lightsail instances. When browsing the web traffic logs, Olaf noticed a flood of requests to various ports to the Lightsail instance, partially the cause of the slowdowns. Olaf created a network for all Lightsails and implemented a firewall to completely block all ports except HTTP (80) and HTTPS (443) [11]. He disabled SSH access as he set up AWS Identity and Access Management (IAM) to control access to the infrastructure, including terminal access and upload access to the object storage bucket [12]. He also implemented Cloudflare services to implement DDoS mitigation and to set up rules to block and rate limit certain pages [13].
Quantity | Instance | Total Price ($/mo) |
1 | Basic Lightsail Instance (512MB) | 3.43 |
1 | Lightsail Object Storage (100GB) | 3.00 |
1 | Lightsail CDN | 2.50 |
Total | 8.93 | |
4 | Basic Lightsail Instance (512MB) | 13.72 |
1 | Lightsail Object Storage (100GB) | 3.00 |
1 | Lightsail CDN | 2.50 |
1 | Lightsail Load Balancer | 17.66 |
1 | Cloudflare | 0.00 |
Total | 36.88 |
Table 2: IaaS Lightsail Pricing [14][15]
The pricing for the single-instance infrastructure and multi-instance configuration in Table II shows a low monthly outflow, but of course, this does not account for the labour costs involved with configuring and maintaining it.
Like buying a pre-built house, the PaaS infrastructure provides some flexibility, and although less than an IaaS platform, PaaS requires much less effort. This infrastructure model consists of pre-deployed and configured resources, where the CSP manages the OS, hardware and server software and supports custom applications through pre-defined environments, which the consumer can interface, such as web servers and databases.
The tightly defined characteristic and higher level of abstraction in PaaS provides easy access and management through web-based portals, enabling consumers to manage their platform without device or location boundaries and with simplified implementations such as the one-click WordPress website installers such as the one found in cPanel [16], or various apps in Heroku as add-ons [17]. The increase in simplification and management by the CSP results in the independence of specialised personnel, removing the cost and effort of manually building the infrastructure. Although, one does require basic knowledge of PaaS to construct products.
Despite its benefits, PaaS does lack control over the underlying resources that IaaS offers. Consumers cannot directly communicate with the server hardware, software, and networking. Additionally, PaaS products can be more expensive than IaaS when only considering the services without the labour costs for setup and maintenance.
Due to much higher reliance on the cloud infrastructure and global warming, Olaf notices his health is melting as he struggles to juggle his roles of Assistant Store Manager and IT Manager. As the number of customers on their online platform increases, Olaf knows that the current IaaS infrastructure is scalable horizontally and vertically by increasing the number of Lightsail instances. However, with a growing stack, Olaf will have to create a dedicated IT department, an idea that Elsa rejects. As most of the codebase is already in Docker image form, Olaf proposes shifting to a PaaS model. By deploying the website onto PaaS containers, scaling up or down can be easily achieved through the CSP web portal, and Olaf does not need to manage individual VPS machines.
Elsa approves, and Olaf starts shifting the website to PaaS. Olaf considers AWS EC2, but the steep pricing did not sit well with him. He instead looks into Heroku as the CSP. He is rather enticed by it as management seems simple with the web UI, and the Add-on Marketplace can help cut down his overall workload and effort requirements. The Django app powering the website resides in a Docker image, which Olaf deploys onto the Heroku Dynos, and just as before, he creates 3 Performance M Dynos for the web app, and he additionally instantiates an instance of the Heroku Postgres Standard 0 service. Heroku has built-in load balancing when an app is scaled with multiple Dynos, eliminating the requirement for a dedicated load-balancer, and further reducing costs [18]. Olaf then shifts assets from his AWS Lightsail bucket to the Bucketeer object storage provided as a Heroku Add-on. He dumps the database from his Lightsail instance, which he loads into the Heroku Postgres instance. As the CSP manages infrastructure hardware and software to eliminate security vulnerabilities, the only risk lies within the website software. Therefore, Olaf enables GitHub Dependabot alerts, which create pull requests to patch vulnerabilities in dependencies, which works seamlessly with Heroku as the app is rebuilt automatically on pull request merge.
Quantity | Instance | Total Price ($/mo) |
3 | Performance M Dyno | 750 |
1 | Heroku Postgres Standard 0 | 50 |
1 | Bucketeer Enterprise | 1250 |
1 | Cloudflare | 0 |
Total | 2050 |
Table 3: PaaS Heroku Pricing [20]
Access to the dynos, database, and S3 bucket is only possible through the Heroku accounts that Olaf permits. Whilst Heroku protects against certain kinds of attacks at the platform level, it does not offer any user-configurable firewall for individual apps [19]. Cloudflare provides Web Application Firewall (WAF) free of charge. As shown in Table III, the new monthly costs of running the website have increased by over $2000. But Olaf has noticed a massive reduction in his workload and stress levels. Furthermore, he sees an improvement in the website performance as the billed hardware was fully utilised by just the web app and not shared with anything else, such as an OS or any other services.
Like staying in a hotel, consumers will receive little or no flexibility in exchange for zero effort to set up and maintain. SaaS consists of any service where customers can access applications over the internet, enabling location and device independence, forming software-on-demand where renting is favoured over outright buying. The CSP manages the entirety of the infrastructure as well as all software, including updates with new features, security patches and bug fixes, only exposing access to each service with the primary aim of making reusable cloud services widely available. SaaS requires absolutely no hardware, setup or maintenance costs and consumers are required to only pay for measured use with the ability to stop when a service is no longer needed. Although the CSP takes full responsibility for the handling of the infrastructure, some of the design choices may not be in line with the consumers, resulting in no end-user control over the underlying resources. Despite being able to suggest new features, it is up to the CSP to implement them, resulting in a further lack of control and customisation options for the consumer. With SaaS, a huge 3rd-party risk is involved due to the delegation of infrastructure management to the CSP, resulting in a higher reliance on the provider, so if they have a system glitch or the business itself goes down, it will take the end-user deployments down as well. As the CSP handles all the infrastructure management, the provider will charge a much steeper cost than IaaS and PaaS solutions.
Many months after the shift to a PaaS infrastructure, Olaf resigns from the business as he takes his early retirement. He assures Elsa that the website deployment will continue to work as it did for the last few months. Olaf did suggest helping recruit a replacement IT Manager and help train them, but Elsa thought it would not be necessary. About a year after Olaf departed, Elsa noticed the website was offline. She asks her sister, Anna, for help to debug the issue and bring the website back up as she is starting to lose customers. Anna, who already has a busy schedule, offers to help and propose solutions so this does not repeat.
Anna noticed that the latest minor Django update consisted of changes which broke part of the web application. And as Olaf set up an automation to merge pull requests, the broken project was distributed to the production branch and thus on to the Heroku Dynos, resulting in them failing to start. Anna suggests that Elsa moves to a SaaS platform where everything from the server hardware, OS, software and scaling is handled by a provider so that Elsa can manage the website herself and will not require dedicated IT personnel. Anna suggests Shopify, rated one of the best e-commerce platforms by a few sources [21][22], a SaaS solution for building e-commerce websites without requiring technical background knowledge. They spend a few hours together choosing a website theme, listing products and setting up the inventory management and payment methods. Anna helps Elsa destroy the Heroku Dyno instances and deletes the account. It now costs Elsa £344 per month for the website with the Shopify Advanced plan, but as she has moved inventory management and payment handling to Shopify, she spends an additional £89 per month for a Shopify POS Pro in her brick-and-mortar store [23]. Despite looking cheaper to deploy the website compared to the PaaS infrastructure, it becomes more expensive when accounting for the per-transaction fee that Shopify imposes. However, Elsa does not mind this as she does not have to payroll additional staff to maintain any aspect of the website. Furthermore, she can now do it all herself from the comfort of her home via her smartphone.
CCS offer highly efficient and cost-effective solutions, bringing massive advantages with flexibility, scalability and accessibility for businesses and individuals over the traditional DCS. The three main types of cloud delivery models, IaaS, PaaS and SaaS, provide a well-defined representation of IT resources packaged and sold by CSPs.
IaaS is the cheapest and most configurable model to deploy and maintain services, albeit the most labour-intensive to construct. With IaaS, the CSP provides the requested resources via a virtual and abstracted interface, giving the consumer free reign in their utilisation. Aside from the higher labour requirement, IaaS can further lead to wasted costs due to low utilisation as the CSP bills resources per hour instantiated.
The PaaS model adds a level of abstraction to aid in simplifying the deployment and maintenance of services compared to IaaS. However, this comes with deployment flexibility tradeoffs as the CSP only provides pre-deployed and configured resources for the consumer. However, this can be an advantage to many, as the lack of control over underlying resources, such as server hardware, software and networking, can vastly simplify the amount of labour needed with many of these aspects delegated to the CSP. This delegation results in a slightly higher cost in resources when compared to an IaaS solution.
The consumer can experience a more technically hands-off deployment of services with the SaaS model. Here, the CSP provides the deployment, maintenance, and software, allowing users to log in and use without additional worries and complexities. However, this deviates from the IaaS and PaaS models, where the consumer can deploy their software. With SaaS, they will have to rely on the one provided by the CSP with zero aspects of low-level customisations. A SaaS solution is much more expensive than both IaaS and PaaS. However, it is possible to eliminate the labour costs involved with deployment and maintenance.
With each design choice coming with a set of benefits and challenges, it is vital for businesses and individuals who are interested in building a cloud system architecture to consider the cloud delivery models to provide an abstract view of cloud architectures. When adopted correctly, these models can help lead to extensive reductions in cost savings and improvements in service stabilities. The cloud computing industry is evolving, with more solutions to niche products and vast refinements in existing ones. It is paramount for businesses and individuals to stay up-to-date with the latest trends, particularly security threats affecting the cloud, to re-evaluate and revise existing architectures regularly to ensure they remain effective and secure.
[1] Martinekuan, Zimmergren, RobBagby, garycentric, daparker919, alexbuckgit, and DCtheGeek, “How does Azure work? - cloud adoption framework”, Cloud Adoption Framework — Microsoft Learn, 23-Feb-2023. [Online]. Available: https://learn.microsoft.com/enus/azure/cloud adoption-framework/get-started/what-is-azure. [Accessed: 07-Apr-2023].
[2] Jamesmontemagno, ardalis, alexbuckgit, bvda, erjain, mvelosop, Youssef1313, nschonni, DonaldRWood, john-par, and mairaw, “Health Monitoring”, Microsoft Learn, 14-Mar-2023. [Online]. Available: https://learn.microsoft.com/enus/dotnet/architecture/microservices/implement resilientapplications/monitor-app-health. [Accessed: 07-Apr-2023].
[3] Kubernetes “Overview”, kubernetes.io. [Online]. Available: https://kubernetes.io/docs/concepts/overview/. [Accessed: 07-Apr-2023].
[4] Kubernetes “Replicationcontroller”, kubernetes.io, 15-Dec-2022. [Online]. Available: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller/. [Accessed: 08-Apr-2023].
[5] Kubernetes “Deployments” kubernetes.io, 18-Feb-2023. [Online]. Available: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/. [Accessed: 08-Apr-2023].
[6] Cloudflare “Protect websites & applications”, cloudflare.com. [Online]. Available: https://www.cloudflare.com/en-gb/solutions/protect-websitesapplications/. [Accessed: 09-Apr-2023].
[7] M. Saraswat and R. C. Tripathi, “Cloud Computing: Analysis of Top 5 CSPs in SaaS, PaaS and IaaS Platforms”, 2020 9th International Conference System Modeling and Advancement in Research Trends (SMART), p. 301, 2020.
[8] sameekshakhandelwal1712, “Cloud deployment models”, GeeksforGeeks, 29-Nov 2022. [Online]. Available: https://www.geeksforgeeks.org/cloud-deployment-models/. [Accessed: 11-Apr-2023].
[9] DigitalOcean “How to resize droplets” docs.digitalocean.com. [Online]. Available: https://docs.digitalocean.com/products/droplets/how-to/resize/. [Accessed: 11-Apr-2023].
[10] Amazon “Amazon Lightsail Common Use Cases” aws.amazon.com. [Online]. Available: https://aws.amazon.com/developer/learning/letsbuild-lightsail/. [Accessed: 11-Apr-2023].
[11] L. Simmons, “Instance firewalls in Amazon Lightsail”, Amazon. [Online]. Available: https://lightsail.aws.amazon.com/ls/docs/en us/articles/understandingfirewall-and-port mappings-in-amazon-lightsail. [Accessed: 11-Apr-2023].
[12] L. Simmons, “Managing access to Amazon Lightsail for an IAM user”, Amazon. [Online]. Available: https://lightsail.aws.amazon.com/ls/docs/en us/articles/amazon-lightsailmanaging access-for-an-iam-user. [Accessed: 11-Apr-2023].
[13] Cloudflare “Cloudflare Web Application Firewall · Cloudflare Web Application Firewall (WAF) DOCS”, developers.cloudflare.com. [Online]. Available: https://developers.cloudflare.com/waf/. [Accessed: 11-Apr-2023].
[14] Amazon AWS Pricing Calculator, calculator.amazon.aws [Online]. Available: https://calculator.aws/#/addService/Lightsail. [Accessed: 11-Apr-2023].
[15] Cloudflare “Our plans: Pricing”, cloudflare.com. [Online]. Available: https://www.cloudflare.com/en-gb/plans/. [Accessed: 11-Apr-2023].
[16] Softaculous Softaculous for cPanel, softaculous.com [Online]. Available: https://www.softaculous.com/softaculous/cpanel. [Accessed: 13-Apr-2023].
[17] Heroku “Heroku add-ons”, Add-ons - Heroku Elements. [Online]. Available: https://elements.heroku.com/addons. [Accessed: 13-Apr2023].
[18] Heroku “How Heroku Works: Heroku Dev Center”, How Heroku Works — Heroku Dev Center. [Online]. Available: https://devcenter.heroku.com/articles/how-heroku-works#http-routing. [Accessed: 14-Apr-2023].
[19] Heroku “Does Heroku offer a web application firewall (WAF)?”, Does Heroku offer a Web Application Firewall (WAF)? - Heroku Help. [Online]. Available: https://help.heroku.com/UEYQT73U/does-heroku-offera-web-application-firewall-waf. [Accessed: 14-Apr-2023].
[20] Heroku “Pricing” heroku.com [Online]. Available: https://www.heroku.com/pricing. [Accessed: 14-Apr-2023].
[21] J. Thornhill, “Best E-commerce platforms April 2023”, Forbes, 03-Apr-2023. [Online]. Available: https://www.forbes.com/uk/advisor/business/software/best-ecommerceplatform/. [Accessed: 16-Apr-2023].
[22] K. Petraskien ˇ e,˙ “The 10 best ecommerce platforms in 2023 [reviews]”, Omnisend Blog, 28-Mar-2023. [Online]. Available: https://www.omnisend.com/blog/best-ecommerce-platform/. [Accessed: 16-Apr-2023].