Thursday, July 26, 2012

Cloud Computing Use Case - Part 2

In the last post we discussed Cloud Computing Use Group's Cloud Taxonomy; today we are going to dive into their Standards Taxonomy. There are four different ways standards will affect use case scenarios. The standards play a role in the type of cloud service, across different types of cloud services, between enterprise and the cloud, and within the private cloud of an enterprise.

Standards Across Cloud Service Models

Cloud computing is being adopted by all size organizations, this is a revolutionary shift in information technology that is transforming the way we work and is clearly illustrated with cloud solutions like, Google Apps, and Concur for SaaS, Microsoft Azure and Cloud Foundry for PaaS, and Amazon EC2 and Rackspace for IaaS. Standards for how these different types of cloud service models work together will provide cloud consumer's value.

Standards Within Cloud Service Models

Within each layer of the cloud service model (SaaS, PaaS, IaaS), open standards help prevent vendor lock-in.

Open standards and standard APIs are all about portability, the most applicable open standards to cloud computing are those adopted by the non-profit Open Cloud Initiative (OCI), a non-profit advocate of open cloud computing that was launched at OSCON in 2011.

OCI's requirements for an open cloud are:

  1. Open Formats: All user data and metadata must be represented in open standard formats
  2. Open Interfaces: All functionality must be exposed by the way of open standard interfaces
For Infrastructure as a Service, a standard set of APIs to work with cloud databases would allow applications to work with data from multiple vendors. That common API would give users the freedom to move to another cloud database provider without major changes, and it would make it much easier to integrate new data sources with existing applications. Common APIs for other cloud infrastructure services such as storage, message queues or MapReduce would provide similar benefits, as would common formats for data and data interchange. In the case of virtual machines, a common virtual machine format is crucial. Users should be able to take a VM built and deployed with one cloud provider and deploy it to another cloud provider without changes.

Friday, July 20, 2012

Cloud Computing Use Case - Part 1

The Cloud Computing Use Case group brought together some cloud consumers and cloud vendors to provide several use case scenarios for cloud computing that focused on ensuring interoperability, ease of integration, and portability. They wanted to make certain the case studies didn't use closed and proprietary technologies, but centered on an open environment, minimizing vendor lock-in, and increasing customer choice. Open source solutions and open standards deliver innovation and choice for cloud computing consumers.

With several different open standards available in cloud computing, it is important for corporate IT departments to understand the landscape and different approaches to open solutions.
As we start to migrate our data from traditional datacenters to cloud subscription-based utility providers it is imperative that the data remains portable. If the vendor is not using open standards then typically you will need an intermediary service to broker the data conversion.
The white paper's use cases:
  • Provide a practical, customer-experience-based context for discussions on interoperability and standards.
  • Make it clear where existing standards should be used.
  • Focus the industry's attention on the importance of Open Cloud Computing.
  • Make it clear where there is standards work to be done. If a particular use case can't be built today, or if it can only be built with proprietary APIs and products, the industry needs to define standards to make that use case possible.

Thursday, July 12, 2012

Cloud Cube Model

The cloud ecosystem is accelerating at an astounding rate and adopting cloud computing is a complex decision that includes several factors. The Jericho Forum has designed the Cloud Cube Model to help select cloud formations for secure collaboration. Their intriguing cloud model helps IT managers and business leaders assess the benefits of cloud computing.

The Cloud Cube Model looks at the several "cloud formations". They amount to the cloud service and deployment models. According to the NIST guidelines there are 3 service models which include Software as a Service, Platform as a Service, and Infrastructure as a Server; and there are 4 deployment models which include Public, Private, Community, and Hybrid. Each of these models provides different variations of agility, flexibility, risk, and responsibility.

Tuesday, July 10, 2012

Certificate of Cloud Security Knowledge

The Certificate of Cloud Security Knowledge (CCSK) by the Cloud Security Alliance (CSA) is the first certificate that focuses on cloud computing security. It is currently the most prestigious cloud certificate available. The certificate demonstrates that the IT professional has the conceptual knowledge and implementation skills to deploy a cloud solution with a security risk based approach. 

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within cloud computing. The CCSK is strongly supported by a broad coalition of experts and organizations from around the world. The collaboration between CSA and ENISA means that the world’s two leading organizations for vendor-neutral cloud security research are providing the foundation for the industry’s first cloud security certification.

To study for the exam you need to have a comprehensive knowledge of the CSA v2.1 Guidance document and the ENISA whitepaper. Both papers can be downloaded from the  Cloud Security Alliance website.
  • Gain competency in the 13 domain topics of the CSA Guidance For Critical Areas of Focus in Cloud Computing V2.1
  • Show understanding of ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security
  • Be aware of applied knowledge as it relates to: classifying cloud providers into S-P-I model, redundancy, securing popular cloud services, vulnerability assessment considerations, and practical encryption use cases.

News: Top vBlog 2016 Trending: DRS Advanced Settings