2nd International Symposium on Cloud Computing Melbourne, 17 May 2010 http://www.rogerclarke.com/II/CCSA {.html,.ppt}
Copyright 2010
Precursors / Related Concepts
A Working Definition
An Architectural Framework
User Benefits
Disbenefits and Risks
    Operational
    Contingent
    Security
Business Implications
"... a snapshot of the relative maturity of technologies ..."
"They highlight overhyped areas against those that are high impact, estimate how long they will take to reach maturity, and help organizations decide when to adopt"
http://www.lostinthemagicforest.com/blog/wp-content/... ...uploads/2007/10/gartner2007.jpg
http://adverlab.blogspot.com/2008/08/... ...media-history-through-gartner-hype.html
Gartner Hype Cycle for Cloud Computing July 2009 $US 1,995 (53 pp.)
On the Rise: Cloud Services Governance; Cloud-Driven Prof'l IT Services, Solutions; Cloud Computing/SaaS Integration; Cloudbursting/Overdraft; Cloud Service Management Tools; Tera-architectures; Virtual Private Cloud Computing; Application Platform as a Service; Cloud Computing for the Enterprise; DBMS in the Cloud; Private Cloud Computing; Business Process Utility; Hybrid Cloud Computing; Cloud Application Development Tools; Cloud-Based E-Mail Services; Cloud-Enabled BPM Platforms; Cloud Security Concerns; Cloud Storage
At the Peak: Elasticity; Enterprise Portals as a Service; Cloud/Web Platforms; Compute Infrastructure Services; 'In the Cloud' Security Services; Cloud Computing; Public Cloud Computing/the Cloud
Sliding Into the Trough: Real-Time Infrastructure; IT Infrastructure Utility; SaaS
Climbing the Slope: SaaS Sales Force Automation; Virtualization; Cloud Advertising; Grid Computing; Integration as a Service
http://www.gartner.com/DisplayDocument?id=1078112&ref=g_sitelink
Predecessor Terms
    Computing as a utility / 'computer service bureaux' / 'data centres' (1960s, 1970s)
    Application Service Providers, ASPs (1980s)
    working from home / tele-work (1980s)
    working on the move / 'road warrior' (1990s)
        docking portables to corporate networks
        portable-to-desktop synchronisation
    Internet Service Providers, ISPs (late 1980s)
    Web Services (2000)
    Service-Oriented Architecture, SOA (early-to-mid-2000s)
Related Concepts
    Software as a Service (SAAS) (late 1990s, e.g. Salesforce)
    Cluster Computing: inter-connected stand-alone computers are managed as a single integrated computing resource
    Grid Computing: computational resources are assigned dynamically
    Peer-to-Peer (P2P) architectures
    Server-Virtualisation
    Infrastructure as a Service (IaaS) (2006)
    Platform as a Service (PaaS) (2006)
    Anything as a Service (*aaS / AaaS)
Scalability ('there when it's needed')
Flexible Contractual Arrangements ('pay per use')
Opaqueness ('let someone else worry about details'), which means less user control:
    of the application, through commoditisation
    of service levels, through SLA dependence (assuming there's an SLA, and it's negotiable)
    of host location, through resource-virtualisation
Sample Architectures
CSA (2009) 'Security Guidance for Critical Areas of Focus in Cloud Computing' Cloud Security Alliance, April 2009
Youseff L., Butrico M. & Da Silva D. (2008) 'Toward a Unified Ontology of Cloud Computing' Proc. Grid Computing Environments Workshop, 2008
Buyya R., Yeo C.S., Venugopal S., Broberg J. & Brandic I. (2009) 'Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility' Future Generation Computer Systems 25 (January 2009) 599-616
[Figure: architecture diagram. Labels: Client App; Utility Software, esp. Web Browsers; Platform; System S'ware; User Device; Client-Side Infrastructure; Intermediating Infrastructure; Cloud Manager; Cloud Infrastructure]
A Comprehensive CC Architecture
Enhanced Service Accessibility
    Access to Services that are otherwise unavailable
    Access to Services from multiple desktop devices
    Access to Services from scaled-down devices
    Access to Services from multiple device-types
Other Technical Benefits
    Professionalised backup and recovery
    Scalability
    Collaboration convenience
    Copyright convenience
Financial Benefits
    Lower Investment / up-front cost
    Lower Operational Costs
    Lower IT Staff Costs
Contingent Risks
Low likelihood / Potentially highly significant
Security Risks
Security in the broad
Fit to users' needs, and customisability
Reliability: continuity of operation
Availability: hosts/server/database readiness/reachability
Accessibility: network readiness
Robustness: frequency of un/planned unavailability (97% uptime = 5 hrs/wk offline)
Resilience
Integrity: sustained correctness of the service, and the data
Maintainability: fit, reliability, integrity after bug-fixes, mods
Contingent Risks
Data Survival: data backup/mirroring and accessibility
Compatibility: software, versions, protocols, data formats
Flexibility
    Customisation
    Forward-compatibility (to migrate to new levels)
    Backward compatibility (to protect legacy systems)
    Lateral compatibility (to enable escape)
Security Risks
Service Security
Environmental, second-party and third-party threats to any aspect of reliability or integrity
Data Security
Environmental, second-party and third-party threats to content, both in remote storage and in transit
Susceptibility to DDOS
Multiple, separate servers; but choke-points will exist
Acquisition
Lack of information, non-negotiability of terms of contract and SLA
Ongoing Usage
Loss of corporate knowledge about apps, IT services, costs to deliver
Inherent lock-in effect, because of high switching costs
High-volume data transfers (large datasets, replication/synch'n)
Second-Party (service-provider abuse), Third-Party ('data breach', 'unauthorised disclosure'), Storage in Data Havens (India, Arkansas)
Risk Assessment
Contract Terms
Service Level Agreement (SLA)
Multi-Sourcing
    Parallel in-house service
    Several compatible suppliers
    ...
http://wiki.en.it-processmaps.com/index.php/Checklist_SLA_OLA_UC
Assured Data Integrity
Assured Service Integrity
Assured Compliance with legal requirements within jurisdictions to which the user organisation is subject
Warranties and indemnities in the contract, terms of service and SLA (if any)
But who audits and certifies?
Categories of Use-Profile
UP1: CC is completely inappropriate
    'mission-critical systems'
    systems embodying the organisation's 'core competencies'
    applications whose failure or extended malperformance would threaten the organisation's health or survival
UP2: CC is very well-suited
    Uses of computing that are highly price-sensitive, and adjuncts to analysis and decision-making, not essential operations
    Trade off loss of control, uncertain reliability, contingent risks against cost-advantages, convenience, scalability, etc.
UP3: CC is applicable depending ...
    can the risks be adequately understood and managed?
    trade-offs between potential benefits vs. uncontrollable risks
3. Declaration, Measurement
2. Compliance Assurance
Service Security
Service Access Controls
Data Transmission Security
Data Storage Security
Data Use (by service-provider)
Data Disclosure (by others)
Jurisdictional Location(s) of Data Storage

Service Reliability Levels
Service Survival Protections
Data Survival Protections
Service and Data Compatibility
Service and Data Flexibility

Server Privacy Policy Statement
User Privacy Rqmts Statement
Comparison of the two
Preclusion of Usage where Requirements are not satisfied
CCAs must be comprehensive, encompassing not only the server side, but also the client side and intermediating functions
Security Risk Assessments and Solutions must be end-to-end rather than limited to the server side
CCA designers must address the risks arising from vulnerable user devices and vulnerable clients
Client authentication must be achieved through components, APIs, and externally-managed identities (Shibboleth, OpenID)
Jurisdictional Locations of Hosts must be controlled
These all depend on CCAs including specs and implementation of multiple special-purpose components and features
Privacy management must go beyond 'privacy through policy' and 'privacy by design' to 'Privacy through Architecture'
Conclusion
"Past efforts at utility computing failed, and we note that in each case one or two ... critical characteristics were missing" (Armbrust et al. 2008, p. 5, UC Berkeley)
CC may be just another marketing buzz-phrase that leaves corporate wreckage in its wake
CC service-providers need to invest a great deal in many aspects of architecture, infrastructure, applications, and terms of contract and SLA