checo-6apr10
TRANSCRIPT
Quick Poll ● Quick show of hands: ● How many people have processes deployed to the
cloud? ● Who is planning to deploy to the cloud? ● Who believes this is just another flight of fancy?
● Larry Ellison on Cloud Computing ● “We have redefined cloud computing to include
everything we already do.” ● Cloud is not a revolution, it is an evolution.
Roadmap ● Overview ● Cloud Deployment
Models ● Cloud Services ● Cloud Adoption ● Cloud Challenges ● Cloud Predictions ● Q & A
Overview Other Characteristics: ● Like buying a utility, i.e. water, gas, electricity ● Multi-tenant (shared infrastructure) ● Co-mingled (data) ● Scale-of-economy (beyond enterprise) ● Amazon Web Services estimates 50K new
instances per day ● Cloud Codex -
http://www.451group.com/cloudscape/cloudscape_report_detail.php?icid=869
Overview Grid Utility Cloud
- Applying the resources to many computers in a network to a single problem - Form of distributed computing - Usually based on open standards - High levels of reliability
- Pre-packaged resources - Low or not initial cost for hardware - Typically rented - Rapid growth of capacity - Like utilities, i.e. water or electricity
- Customers do not own infrastructure - Access is base on rental - Can be based on the utility model - Delivered as a service with data stored in the cloud
Cloud Deployment Models Public Cloud: ● Third-party hosted service such as Amazon's
Elastic Compute Cloud (EC2) or Simple Storage Service (S3).
● On demand and inexpensive capacity ● Access unlimited capacity, as needed, on
demand on a per drink basis
Cloud Deployment Models Private Cloud: ● A corporate or internal cloud ● Proprietary computing architecture that provides
hosted services to a limited number of people behind a firewall.
● Advances in virtualization and distributed computing have allowed corporate network and datacenter administrators to become service providers.
● Better use of internal IT resources
Hybrid Cloud ● Mixture of internal/
external cloud resources
● Rapid access to extra capacity in public clouds
● Secure inter-connections between clouds
● Single system management view across cloud
● Automated provisions ● Siemens opens cloud
computing center near Brussels
http://www.slideshare.net/catherinewall/emerging-technology-in-the-cloud-real-life-examples-pol-mac-aonghusa
Cloud Deployment Models Community Cloud: ● Community shares infrastructure, whether public
or private ● Examples: ● Google’s Gov Cloud ● Science Clouds - http://scienceclouds.org/clouds/ ● Nimbus @ University of Chicago ● Stratus @ University of Florida ● Wispy @ Purdue University ● Kupa @ Masaryk University
Cloud Services As a Service: ● Software as a Service ● Salesforce.com, Google, NetSuite ● SAP, Oracle, Blackboard
● Platform as a Service ● Google App Engine, Amazon, RackSpace, NetSuite,
Microsoft ● Infrastructure as a Service ● Google, IBM, Amazon, RackSpace, SAVVIS
● Storage as a Service ● Amazon, Iron Mountain Digital, Zetta, Nirvanix, Caringo
● Security as a Service ● McAfee, Websense, Trend Micro
Cloud Adoption ● Conservatives may not see the value or utility of
moving processes into the cloud ● Don’t sell the concept – meet a need ● Core requirements? ● What pieces are the right fit? ● What problem needs solved? ● What are the risks?
● Evolution ● Fits into a business model that fits into an
architectural model
Cloud Adoption Know thy enterprise architecture: ● Cloud computing is an architectural option ● The approach of service oriented architecture
applies ● Decompose architecture into root components ● Understand the relationships of these
components ● Do your homework…
Cloud Adoption Business & Market Drivers: ● Pricing Structure – http://cloud-hosting-providers.com/ ● Pay-as-you-go, metered, monthly subscription
● The Cost of IT ● Average 9000 square foot data center costs $21 million to
build and $1 million/year in electricity ● 11.8 million servers; used at 15% capacity ● Data centers consume 1.5% of our nation’s electricity (EPA) ● $800 billion/year spent on purchasing/maintaining enterprise
software ● Green Initiatives ● Quick Deployment ● Empowering the Business ● Don’t Pay for Scability
Cloud Challenges ● Data Governance
● Legalities of data in the cloud ● Privacy ● Regulatory compliance - HIPPA, FERPA, PCI ● Data location – Google and China ● Data segregation
● Creation of verticals (separation of concerns) ● Government, Defense, Healthcare
● Manageability ● Applications won’t auto-scale
● Monitoring ● Measurement of transaction - Hypernic’s CloudStatus
● Reliability & Availability ● AWS Outage – 44 minutes on December 9
● Portability/Interoperability ● Band-width, Telecommunications and Delivery
http://cloudcomputing.sys-con.com/node/659288
Cloud Challenges Cloud Security: ● Standard web security issues apply in terms of
external attacks ● Top 10 threats by the CSA -
http://www.cloudsecurityalliance.org/topthreats ● Insecure APIs ● Malicious insiders ● Data leakage/loss ● Multi-tenant issues ● Account/service hijacking ● Cross channel, inner cloud attacks
● Current methods of intrusion detection are IP based
Cloud Challenges VM Environment Security: ● Exploiting issues within the multi-tenant
environment in between instances ● What about the trusted customer? ● Recent study on side channel attacks ● VMs on the same physical server can monitor shared
resources and make highly educated inferences on the target VM
Cloud Predictions Top 5 Predictions for 2010: ● The Rise of Standards ● First Major Outages ● Microsoft ● Consolidation of Existing Providers ● Rapid Rise of Startups
http://www.infoworld.com/d/cloud-computing/top-5-cloud-computing-predictions-2010-188
Q & A ● Contact Information ● Email: [email protected]
Books ● David Linthicum – Cloud Computing and SOA
Convergence in Your Enterprise: A Step-by-Step Guide
● Tim Mather – Cloud Security and Privacy ● Peter Fingar – The 21st Century Business
Platform on Cloud Computing
Websites/Videos ● Security, Cloud Computing, and the Coming Mobile Environment
– http://csis.org/multimedia/video-security-cloud-computing-and-coming-mobile-environment
● Cloud Computing Manifesto ● Cloud Security Alliance - http://cloudsecurityalliance.org/ ● Cloud Computing Journal - http://cloudcomputing.sys-con.com/ ● Private Cloud – http://privatecloud.com/
Presentations ● Mark Masterson –
http://www.slideshare.net/mastermark/enterprise-cloud-risk-and-security
● Master Class Online – http://www.slideshare.net/ThoughtWorks0ffshore/cloud-computing-2847268
● Dr. Sosa, University of Virginia - http://www.slideshare.net/awesomesos/exploring-the-cloud
Events/Conference ● http://cloudcomputingexpo.com/ ● http://www.thecloudcomputing.org/2010/ (IEEE
Cloud 2010) ● http://www.cloudwf.com/ (Annual Cloud
Computing World Forum) ● http://www.cloudcom.org/ (International
Conference on Cloud Computing Technology and Science)
Videos ● http://www.youtube.com/watch?
v=XdBd14rjcs0http://www.salesforce.com/cloudcomputing/
● http://www.youtube.com/watch?v=GbNWT8SqcGE&feature=channel
● http://www.youtube.com/user/mindsinthecloud?feature=pyv&ad=4221724480&kw=cloud%20computing#p/u/0/GBlu9a0kOEE
Articles ● Storage-as-a-Service -
http://www.informationweek.com/news/services/storage/showArticle.jhtml?articleID=217300686
● 7 Cloud Security Risks - http://www.infoworld.com/d/security-central/gartner-seven-cloud-computing-security-risks-853?page=0,1