Thursday 23 January 2014

Cloud Computing Standards and how they map to a Cloud Reference Architecture


There is currently a lot of discussion about the role of standards in the cloud, along with a large amount of activity in standards development for the cloud. While some parties see the cloud as something completely new that requires an entirely new set of standards, other parties see the cloud as a technology based on existing technologies that already have standards. 

While there are many standards that were developed in support of pre-cloud computing technologies, such as those designed for web services and the Internet, which also support cloud computing, many new cloud computing standards have emerged in recent years and several others are still in draft form.
These standards are now being developed in specific support of cloud computing functions and requirements. There are many organisations operating in this space, but there does not appear to be a conscious effort to avoid duplication and contradiction. It is unlikely that an all-encompassing standard will emerge for the cloud.


Based on the conceptual reference model of a cloud service provider defined by NIST, I try to catalogue some cloud-related standards and show how they map to the reference model. While many standards are generally relevant to these cloud computing areas, the following sections map those specifically relevant to cloud.

Cloud Service Management includes all of the service-related functions that are necessary for the management and operation of those services required by or proposed to cloud consumers. As illustrated, cloud service management can be described from the perspective of business support, provisioning and configuration, and portability and interoperability requirements.








Name of the specification
OASIS Public Administration Cloud Requirements (PACR)
Category
Provisioning/configuration::SLA management
Purpose and function of the specification
Set of common required functional elements, and measurable criteria or qualities that should be present in cloud
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Organisation for the Advancement of Structured Information Standards (OASIS)
Which of the categories of Cloud services does the standard address?
SaaS, PaaS, and IaaS

Name of the specification
OASIS Cloud Application Management for Platforms (CAMP)
Category
Provisioning/configuration
Purpose and function of the specification
Management of resources within the Platform as a Service domain. An interoperable protocol that cloud implementers can use to package and deploy their applications.
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Organisation for the Advancement of Structured Information Standards (OASIS)
Which of the categories of Cloud services does the standard address?
PaaS

Name of the specification
Cloud Infrastructure Management Interface 
Category
Provisioning/configuration
Purpose and function of the specification
Management of resources within the Infrastructure as a Service domain. Model and protocol for management interactions between a cloud Infrastructure as a Service (IaaS) provider and the consumers of an IaaS service.
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Distributed Management Task Force (DMTF)
Which of the categories of Cloud services does the standard address?
IaaS

Name of the specification
Topology and Orchestration Specification for Cloud Applications (TOSCA) 
Category
Interoperability/Portability
Purpose and function of the specification
Provide interoperable description of application and infrastructure cloud services, the relationships between parts of the service, and the operational behavior of these services 
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Organisation for the Advancement of Structured Information Standards (OASIS)
Which of the categories of Cloud services does the standard address?
SaaS, PaaS, and IaaS

Name of the specification
Open Virtualization Format Specification
Category
Interoperability/Portability::System Portability
Purpose and function of the specification
An open, secure, portable, efficient and extensible format for the packaging and distribution of software to be run in virtual machines
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Distributed Management Task Force (DMTF)
Which of the categories of Cloud services does the standard address?
SaaS, PaaS, and IaaS
Known implementations of the specification
VirtualBox, Red Hat Enterprise Virtualization, VMware, IBM POWER server AIX, IBM SmartCloud, OpenNode Cloud Platform, rPath, SUSE Studio

Name of the specification
OASIS Symptoms Automation Framework (SAF)
Category
Monitoring and Reporting
Purpose and function of the specification
Knowledge sharing across domains, allowing consumer and provider to work cooperatively together to ensure adequate capacity, maximize quality of service, and reduce cost.
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Organisation for the Advancement of Structured Information Standards (OASIS)
Which of the categories of Cloud services does the standard address?
SaaS, PaaS, and IaaS

Name of the specification
SNIA Cloud Data Management Interface (CDMI)
Category
Provisioning/configuration::Data Portability
Purpose and function of the specification
Functional interface that applications will use to create, retrieve, update and delete data elements from the cloud
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Storage Networking Industry Association International Organization for Standards (SNIA)
Which of the categories of Cloud services does the standard address?
SaaS, PaaS, and IaaS

Name of the specification
CloudAuthZ
Category
Security::Authorization
Purpose and function of the specification
Managing authorizations and entitlements in SaaS, PaaS, and IaaS contexts
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Organisation for the Advancement of Structured Information Standards (OASIS)
Which of the categories of Cloud services does the standard address?
SaaS, PaaS, and IaaS

Name of the specification
OASIS Identity in the Cloud
Category
Security::Identity Management
Purpose and function of the specification
Identity management in cloud computing
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Organisation for the Advancement of Structured Information Standards (OASIS)
Which of the categories of Cloud services does the standard address?
SaaS, PaaS, and IaaS

Name of the specification
Trusted Multi-tenant Infrastructure
Category
Security::Confidentiality & Integrity
Purpose and function of the specification
Implementation patterns for cloud providers and consumers to implement a trusted computing base using shared multi-tenant infrastructure
URI for the normative text of the specification
The name of the SDO that generated/authored/hosted the specification
Trusted Computing Group
Which of the categories of Cloud services does the standard address?
SaaS, PaaS, and IaaS


Thursday 9 January 2014

Modeling Cloud Architecture with TOGAF


Cloud computing has emerged as one of the most significant game changers to hit the technology landscape in recent years. However, the explosion of cloud computing has been a bit of a catch-22 for many enterprises. They are often struggling to understand the benefits of cloud computing, as it appears totally disruptive to their current approach to IT operations.
Enterprise Architects will have a crucial role in cloud adoption strategies for enterprises. Enterprise Architecture deals with the whole enterprise: not only the IT part but also the business side. Consequently, EA is about business and IT alignment. Now that cloud is being presented as the most versatile technology in the IT field, there is a greater need among enterprise architects to quickly understand the transformations brought in by cloud principles and to make the required adjustments to the EA. Increasingly, enterprise architects are tasked with tuning their EA to be cloud-ready.

As most enterprise architects are familiar with TOGAF, it is a good starting point for modelling your cloud architecture roadmap. The TOGAF ADM can help immeasurably in arriving at a viable cloud strategy that leads to closer business-IT alignment.


As next-generation services and applications have to be analyzed, architected, and constructed for the cloud landscape from the ground up, the top-down approach would be the most logical approach. We discuss here the specific steps which need to be adapted in TOGAF for building cloud architectures.


Preliminary Phase

Identify and Establish Architecture Principles
The architecture principles are an important anchor when establishing the architecture governance. Some cloud-specific architecture principles could be:
  • Small stateless services
  • Use Scalable Ingredients
  • Use Resource Pooling
  • Support Multi-Tenancy
Tailoring of TOGAF Architecture Views for Cloud Applications
While the TOGAF ADM is a very good approach for architecting and designing cloud applications from a top-down perspective, the architectural views defined in this framework need to be adjusted in order to simplify and streamline cloud enablement. Cloud-specific terms like 'Virtualization', 'SaaS', 'PaaS' and 'IaaS' need to be incorporated as part of terminology tailoring.


Architecture Vision

The high-level description produced in Phase A will reflect the cloud-based nature of the architecture that is envisaged.

Stakeholders, Concerns, and Business Requirements
There are some concerns specific to cloud, in terms of data security, privacy, and transparency, which need to be identified.

Assess Readiness for Business Transformation

Quantify the enterprise’s readiness to undergo changes due to the cloud model.
Extend the Business Transformation Readiness Assessment of TOGAF to include cloud-specific assessments:
  • Is the business prepared to account for IT or applications to be metered out as a service? 
  • How will processes for change and release fare when allowing certain user groups to self-provision resources? 
  • How will compliance controls perform in a highly automated virtual world of shared resources?   
  • What business use cases might benefit most from implementing an internal cloud?
  • Is your IT Operations ready to adopt IT Service Management?

Business Architecture

While the overall business goals of a cloud-enabled application will not change, the business users themselves will vary in a multi-tenant scenario, and hence this view may need to be adjusted for the different groups that the cloud service will cater to. In particular, the answers to questions like "Who does it?" and "What do they do?" will change for cloud applications when compared to traditional enterprise applications.

Business applications are typically delivered from enterprise server machines. Now, with the emergence of powerful and affordable cloud servers, business services and applications are to be deployed and delivered from the new environment. The business architecture has to take care of security, privacy, and other quality attributes of cloud-based applications. Governance, visibility, and controllability are other important factors to be given serious thought. There has to be a kind of synchronization between enterprise resources and cloud-based applications.


Data Architecture

The core Entity Relationship modeling of a cloud application may match that of its traditional enterprise application counterpart; however, the multi-tenancy aspect will introduce new variations to the Logical Data Model. The Data Security View will be totally different from that of a traditional enterprise application.

Application Architecture

To be cloud-ready, applications have to undergo some critical changes. The PaaS platform will abstract several traditional components that are part of the Application Architecture View, and hence this view will be different from that of a traditional enterprise application. This includes converting custom-built shelf software into SaaS.

Technology Architecture

Due to the tenets of cloud applications, such as a virtualized server environment, a PaaS platform, on-demand instances and other virtual storage considerations, this view is the one that will go through the most changes for a cloud application when compared to a normal application.



We see that bringing cloud capabilities to an enterprise is about more than just the latest technology; it is about changing the traditional business and collaboration model with partners, customers, and providers of services to the enterprise.