up in the clouds: cloud computing and gis
DESCRIPTION
This is Willbros Senior GIS Consultant Peter Veenstra's presentation from the 2012 GITA Oil & Gas Pipeline Conference. The presentation address cloud computing security concerns and explains how cloud computing can help with data integrity management.TRANSCRIPT
- 1. Up in the Clouds:Cloud Computing and GIS Peter Veenstra & Jason Cradit Willbros Engineering
2. Overview Technical Overview Part I - Terminology - What is the cloud? Part II - Security - How secure is enough? Part III Cloud Computing and GIS The practical and potential? Summary and Thoughts 2 3. Introduction This is not a paper arguing for or against Cloud Computing. This is a wide-ranging and complex topic. New stuff every day Focus is on explaining cloud computing. Examine current applications and future applicability of pipeline GISin the Cloud.3 4. Part I: Cloud ComputingTerminology, Definitions, Rationale4 5. What is Cloud Computing? The first meaning of the termCloud: noun 1. a visible mass of condensedcloud is prettywater vapor floating in the atmosphere, typically straightforward.high above the ground. verb 2. figurative [trans.] make (amatter or mental process) unclear or uncertain; However, when you addconfuse. computing to it, you get anapproximation of the seconddefinition: something unclearand nebulous.5 6. What is Cloud Computing? The first meaning of the termCloud: noun 1. a visible mass of condensedcloud is prettywater vapor floating in the atmosphere, typically straightforward.high above the ground. verb 2. figurative [trans.] make (amatter or mental process) unclear or uncertain; However, when you addconfuse. computing to it, you get anapproximation of the second51% Of People Think definition: something unclearand nebulous.Stormy Weather AffectsCloud Computing6 7. What is Cloud Computing? Intelligence and National Security AllianceCloud:(INSA) defines the cloud as follows: noun 1. a visible mass of condensedwater vapor floating in the atmosphere, typically Cloud Computing as an adjective: ahigh above the ground.method of computing that provides It verb 2. figurative [trans.] make (acapacity in elastic ways to expand to meetmatter or mental process) unclear or uncertain;user needs and contract when demandconfuse.decreases. Cloud Computing as a noun: an51% Of People Thinkinfrastructure of on-demand capabilitiesStormy Weather Affectsusing virtualized resources. This involvesCloud Computing pools of storage, network, processing, andother computational resources that can beefficiently allocated when requested andquickly provisioned in a highly automatedfashion.7 8. What is Cloud Computing? 9. What is Cloud Computing? 10 10. Terminology and Definitions Deployment Model: Public, Private or Hybrid Clouds Service Model: PaaS - Platform as a Service (Build) I need computers to do stuff IaaS - Infrastructure as a Service (Host) I need specific computers to host specific software SaaS - Software as a Service (Consume) IaaS and PaaS is what we use to create SaaS Intrastructure Components 11 11. What is Cloud Computing? Cloud computing is IaaSPaaS business model. Lease or rent the computers that you need as you need them. Not only the computers but the software on top of them (SaaS) Five characteristics of cloud computing: 1. On-demand self-service 2. Ubiquitous network access 3. Location independent resource pooling 4. Rapid elasticity 5. Measured service with pay-per-useSource: INSA White Paper - ttp://www.insaonline.org/assets/files/White%20Papers/INSA_Cloud_Computing_2012_FINAL.pdf12 12. Reasons for using Cloud Computing CapEx to Opex Avoid the IT Cue Extends capabilities of IT Focus on business not IT (Getting things done) Standardization of Infrastructure (Abstraction) Ubiquitous access (TCPIP) Elastic (Expand to meet demand) Service based - get billed for what you use Speed - deployment and access Cheap(er) (Superior Economics) On Demand (No long term contracts) Application and OS Independent Free of SW/HW Installation (Log in and go)13 13. The Players (some of them)14 14. The Perfect Storm for Cloud Computing Hardware smaller and faster, cheaper Commoditization Internet Availability (4G, Fiber, Wireless) Generation Factor (I wanna ) Software as a service Knowledge Commoditization(Technology Innovation x Commoditization) +(Internet Availability x Commoditization) +(Generation Factor x Commoditization)= Perfect Cloud Computing Storm15 15. Part II: SecurityDiscussion of Security 16 16. Cloud vs. On-Premise Security IT Security considerations are the same for in premise or on thecloud! Confidentiality Keeping information confidential Integrity Keeping information unaltered unless authorized Availability Ability to have information available when requested 17 17. Inherent Security Geographically disparate No ice storm, earthquake, hurricane can bring it down - impacting availability (if designed appropriately) Massively redundant infrastructure Multiple networks, servers hard-drives...etc...18 18. Inherent Security19 19. Inherent Security Geographically disparate No ice storm, earthquake, hurricane can bring it down - impacting availability (if designed appropriately) Massively redundant infrastructure Multiple networks, servers hard-drives...etc... Business Reputation They have more skin in the game - no ability to hide security incidents20 20. Cloud security is a shared responsibility Cloud providers secure their infrastructure better than you ISO 27001 FISMA - Moderate PCI DSS SAS 70 Type II YOU own the responsibility for securing the application layer(Hypervisor) Use private cloud spaces Encrypted data; in-flight and at-rest Two Point Authentication (2FA) Service Level Agreement (SLA) Securitys weakest link: People21 21. Legal Concerns Critical Infrastructures Act of 2002 US Department of Transportation (PHMSA) subscribes to avoluntary security model No current regulations for CyberSec - coming? Guidelines available American Pipeline Institute - ISO 27001/2 Department of Homeland Security Transportation Sector-Specific Plan (NIST) You can implement all of these security standards in the cloud SOX, ISO 9000, ISO 27000 22 22. Security OrganizationsPolicy Cloud Security Council (Alliance Congress) https://cloudsecurityalliance.org/research/spac/ InfraGard http://www.infragard.net/ Intelligence and Nation Security Alliance http://insaonline.org/index.php?id=746 Pipeline CloudRegulationsCyber Security http://www.fas.org/sgp/crs/homesec/R42660.pdf23 23. Security: Final Comments In 2011 the CIO of the United States called for moving $20 Billion, or one quarter of all federal IT spending into the cloud. Department of Homeland Security US Citizenship and Immigration US Dept. of Justice FEMA FAA Recovery.gov US Dept. Agriculture (Email 27 to 1, Data Portability Built-In) Intelligence and National Security Alliance (INSA)Source: ComputerWorld - 07/2011 - http://www.computerworld.com/s/article/9218702/Cloud_security_fears_exaggerated_says_federal_CIO 24 24. Security: Final Comments, cont. "A lot of people are sort of driving this notion of fear around security, and the reason I think thats been amplified, frankly, is because it preserves the status quo. The U.S. also has a rule to pull funding from any IT project that isnt delivering value six months from implementation - Vivek Kundra, Federal CIO Increases competition among providers for Government Services (https://www.apps.gov) Amazon GovCloud (http://aws.amazon.com/govcloud-us/)Source: ComputerWorld - 07/2011 - http://www.computerworld.com/s/article/9218702/Cloud_security_fears_exaggerated_says_federal_CIO 25 25. Part III: GIS and the CloudExamples, Discussion, & Terminology26 26. What is GIS? Traditionally pipeline GIS has beenimplemented in a server, with aRDBMS, using a data model(networked, linear referencing) Data Warehouse, BusinessIntelligence, Analytics Part of IT A integration point for other systemsbased on ability to manage or be thesystem or record for location27 27. GIS in the Cloud IaaSPaaS (Cloud Utilization) ArcGIS Server for Amazon EC2 Open Geo Suite (SkygoneAmazon EC2) SaaS Basic mapping services ArcGIS OnlineGoogle Earth Fusion TablesOpen Street Map Value added geoprocessing services ArcGIS OnlineGoogle Earth BuilderGoogle Maps EngineMapBoxGeoIQCartoDBeSpatial http://itouchmap.com/latlong.html http://www.batchgeo.com Specialty Applications Socium Data Validation ESRI Business Analyst Business Retail Location Digital Map Products Government and Real Estate 28Source: http://www.directionsmag.com/articles/navigating-through-the-nebulous-arena-of-the-cloud/259505 28. GIS Cloud (A sampling, in alphabetical order)1Spatial - http://www.1spatial.com/Amazon - http://aws.amazon.com/Amazon Map API - https://developer.amazon.com/sdk/mapssignup.htmlCartoDB - http://cartodb.com/CloudMade - http://cloudmade.com/DigitalMap - http://www.digmap.com/ESpatial - https://www.espatial.com/ESRI http://www.esri.com/ http://www.arcgis.com/about/GeoCommons - http://geocommons.com/GeoIQ - http://www.geoiq.com/Geoloqi - https://geoloqi.com/GIS Market Place - https://www.thegismarketplace.com/Google https://www.google.com/Leaflet - http://leaflet.cloudmade.com/MapBox - http://mapbox.com/MapShaper - http://mapshaper.com/test/MapShaper.swfOGR Simple Feature Libarary - OGR Simple Feature Library - http://www.gdal.org/ogr/OpenGeo Suite http://opengeo.org/products/suite/cloud/Open Streetmap - http://www.openstreetmap.org/QGIS Cloud - http://qgiscloud.com/SkyGone Cloud - http://skygoneinc.com/Socium - http://www.socium.co.uk/29 29. Pipeline GIS Cloud Potential Staging and Deployment, Rapid Development Operational GIS Operational Data Store (ROVILI) Situational Awareness (Story Board, Media, Risk) Visualization (Wow!, Lightweight) Scalable Map Services Real Time Data Integration (Scada, ILI, Tracking) Geo-Collaboration (VGI, Tag, Parse, Target - RISK) Street View (3D View, Altered Reality - HCA) Non SQL Databases (10GenMongoDB) Data Verification (MAOP, RISK, What we dont know ) Source: http://www.informationisbeautiful.net 30 30. Smart Phones and Location-based Services 50% of all US Adults have smart-phones or tablets Vendors are making plays for location based services companies People are experimenting with new ways to utilize locationSource: http://www.fastcompany.com/3001809/5-reasons-location-smartphones-killer-map 31 31. Wrap-Up32 32. Thoughts Part of this is cloud utilization Geo-Services Data structures and models could potentially become less relevantas long as people can get to their data and can present it coherently(storage vs. processing and structure vs. agility noSQL) Access to and querying of data will become key - human languageconstructs. Change the paradigm of application development and delivery(Software as a Service). Data must be discoverable, accessible, and exploitable (Large Data,Rapid Dissimination, Broad User Base)33 33. How to start moving into the cloud Identify restrictions and gray areas Start running experiments with Software-as-a-Service (SaaS) Do your next development project in the cloud Talk with your core enterprise software vendors to understand theirplans for the cloudSource: What Every CEO Needs to Know about the Cloud: Harvard Business Review, 2011: http://hbr.org/search/R1111J ( http://hbr.org/2011/11/what-every-ceo-needs-to-know-about-the-cloud/ar/1)34 34. Moving to the Cloud This isnt a GIS or IT or Legal Decision It is a C-Level Decision itwill be about business Do they want to build another GIS or operate a pipeline? Delegating to the IT Department isnt necessarily the right idea Expect un-anticipated Cloud Benefits Typical concerns of security are red-herringsSource: What Every CEO Needs to Know about the Cloud: Harvard Business Review, 2011: http://hbr.org/search/R1111J ( http://hbr.org/2011/11/what-every-ceo-needs-to-know-about-the-cloud/ar/1)35 35. The EndQuestions?Peter Veenstra [email protected] Cradit [email protected] 36 36. Key Sources (in alphabetical order )Amazon Web Services: http://aws.amazon.com/ArcGIS Online: http://www.arcgis.com/about/features.html#reach-your-usersArc GIS Online Help: http://resources.arcgis.com/en/help/main/10.1/index.html#//016w00000036000000Data Governance: http://www.sas.com/resources/whitepaper/wp_50387.pdfDirections Magazine Channel on Cloud Computing - http://www.directionsmag.com/channels/cloud-computing/GIS and the Cloud: http://www.directionsmag.com/articles/navigating-through-the-nebulous-arena-of-the-cloud/259505Google Data Centers: http://www.google.com/about/datacenters/gallery/#/allGoogle Fusion Tables: http://www.google.com/fusiontables/Home/Google Map Engine: http://www.google.com/enterprise/mapsearth/products/mapsengine.htmlGoogle Security and Privacy:http://static.googleusercontent.com/external_content/untrusted_dlcp/www.google.com/en/us/a/help/intl/en-GB/admins/pdf/ds_gsa_apps_whitepaper_0207INSA White Paper - ttp://www.insaonline.org/assets/files/White%20Papers/INSA_Cloud_Computing_2012_FINAL.pdf 37 37. Key Sources (in alphabetical order, cont.)NIST: http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdfNoSQL Databases: http://www.10gen.com/static/downloads/nosql_bi.pdfPipeline CyberSecurity: Federal Policy: http://www.fas.org/sgp/crs/homesec/R42660.pdfPipeline GIS Data Governance: http://eaglemap.com/pipeline-executives/What Every CEO Needs to Know about the Cloud: Harvard Business Review, 2011: http://hbr.org/search/R1111J (http://hbr.org/2011/11/what- every-ceo-needs-to-know-about-the-cloud/ar/1)Visualization: http://www.informationisbeautiful.net/2012/announcing-the-information-is-beautiful-awards-shortlist/? utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+InformationIsBeautiful+%28Information+Is+Beautiful%29Security: http://www.computerworld.com/s/topic/17/Security38