Cloud Computing in the Enterprise: A Question of Control ... And who has it ...
INF5890, Ben Eaton, 31/03/2014

8- Cloud Technologies and Governance

The Cloud: We all use it

But I'm going to talk about cloud computing in an enterprise setting

Cloud Computing in the Enterprise
- Background
- Defining the Cloud
- Cloud Architecture
- Managing the Cloud in organisations
- Adoption & Issues of Cloud in the Enterprise

High Expectations
Forecast growth in industry revenues associated with Cloud Computing (Forrester):
- $61Bn for 2012 (Kirsker, 2012)
- Growing to $241Bn by 2020 (Dignan, 2011)

Cloud represents a $3.3 trillion transformation that's going on in the computing world
Microsoft are betting the company on cloud
(Steve Ballmer, CEO Microsoft, 2011)

Overhyped and old news?
In Public Discourse

Since its emergence in around 2007, it's a subject whose profile has grown significantly:
- its talk in public discourse
- Jarle will talk about its profile in academic discourse

Or about to enter the mainstream?

Gartner's hype cycle for emerging technologies, 2013
Source: Gartner 19 August 2013 - http://www.gartner.com/newsroom/id/2575515 http://en.wikipedia.org/wiki/Hype_cycle

Technical Origins of Cloud Computing
Computing as a service and accessing remote and distributed hardware and software resources over a network is not a new concept.

1960s notions of:
- "computing utilities" (Cafaro & Aloisio, 2011; Kleinrock, 2005)
- Virtualisation (Graziano 2011)

Gradual development over next forty years, e.g.
- Distributed IT infrastructures in the 80s and 90s
- Application Service Provision (ASPs) in the 90s and 00s

However they were all constrained by a lack of computing power and network bandwidth.

(Venters & Whitley 2012)

Technical Origins of Cloud Computing
Factors conspired at the turn of the millennium to facilitate Cloud Computing:

Rise of cheap computing power and network bandwidth

The rise of large scale computing architectures and enabling technologies around Grid computing enabling affordable high power computing tasks

Adaptation of these architectures for large data centres of commodity hardware to service the IT business needs of organisations such as Google, Amazon and Microsoft

Commercialisation of their computing architectures in ways that could be sold as the first Cloud Computing services.

(Venters & Whitley 2012)

Cloud Computing Definition
U.S. National Institute for Standards and Technology (NIST):

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

(Mell & Grance, 2011)

In its most Basic Form
It is a means of:
- outsourced shared-computing where resources are virtualised, distributed and pooled amongst external data centres
- accessed by users through the internet

(Venters & Whitley 2012)

Key Components of Cloud

What it delivers: Service Models
Customers may purchase:
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)

Infrastructure as a Service (IaaS)
Virtualisation of physical Compute Assets:
- Storage
- Processing

No control over underlying cloud infrastructure

Control over ability to deploy and run software: operating systems and applications

E.g. Amazon Web Services (AWS)

Used for:
- File Backup
- Temporary Processing: Campaigns, Product Design

Platform as a Service (PaaS)
Virtual development environment

Develop & deploy applications for the Cloud

No control over underlying Cloud infrastructure

Control over deployed application, e.g. provisioning and access

E.g. Google App Engine, Microsoft Azure

Used for:
- Startups: quick way of deploying Cloud apps
- Enterprise productivity: apps internal to the org
- Enterprise storefronts: means of developing interface between business and public

Software as a Service (SaaS)
Access to Service Provider's Applications that execute on the Cloud

Accessed via thin client interface such as a web browser (or smartphone app)

No control over underlying Cloud infrastructure

Minimal control over application settings

E.g. Gmail, Google Docs, DropBox, Facebook, Evernote etc

Uses: You name it

Scope of Control

Source: Liu et al (2011) NIST Cloud Computing Reference Architecture

Key Components of Cloud

Essential Characteristics
- On Demand Self Service: Commoditised
- Measured Service: Variable Cost Model, pay for capacity you use
- Resource Pooling: High Utilisation & Economies of scale
- Rapid Elasticity: Commission / Decommission Capacity
- Broad Network Access: Accessibility over internet

On-demand self-service. A consumer can unilaterally provision computing capabilities such as server time and network storage as needed automatically, without requiring human interaction with a service provider.

Measured service. Cloud systems automatically control and optimize resource usage by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, or active user accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the provider and consumer of the service.

Resource pooling. The provider's computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a degree of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources, but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines. Even private clouds tend to pool resources between different parts of the same organization.

Rapid elasticity. Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out; and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be purchased in any quantity at any time.

Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs) as well as other traditional or cloud-based software services.

Which meets Organisations' desires to:

Simplify the management of their IT resources (hardware, middleware and software)

Scale up (or down) available resource capacity dynamically on demand

Reduce and simplify their costs

Whilst ensuring levels of data security, service latency and service availability are at least maintained and preferably improved.

Key Components of Cloud

Deployment Models
So far so good, but Cloud can be deployed in different ways:

- Public
- Private

Which have implications on the organisation ... control!

Public Cloud

Source: Liu et al (2011) NIST Cloud Computing Reference Architecture

Public Cloud
E.g.: Amazon AWS, Google App Engine, Microsoft 365 etc

Benefits of computing with:
- Significant Cost Savings (Economies of Scale, PAYG, Low Overheads)
- High Performance (Super computer power, Latency)
- Very Flexible (switching on & off Virtualised Hardware and Software)

Popular with Small Medium Businesses = Access to Power

Comes at cost of loss of control
- Lack of transparency
- Sharing of computing assets
- Your competitor could be using the neighbouring VM: how secure?

Multi-tenancy architecture shared by all

Private Cloud

Source: Liu et al (2011) NIST Cloud Computing Reference Architecture

Not shared - operated solely for a single organization.

Hosted / Non Hosted Solutions

Benefit: Under enterprise control

Whilst VM architecture essential, it will lack benefits of sharing: Cost; Scalability; Performance

Cloud Service Orchestration Architecture
- Service Layer (s/w): IaaS, PaaS, SaaS
- Resource Abstraction & Control Layer (m/w): Resource Abstraction, Resource Control
- Physical Resource Layer (h/w): Hardware, Facility
- Web, HTTP (REST / SOAP)

Resource Abstraction & Control Layer
- Virtual Machines & Virtual Storage
- Resource Allocation
- Access Control
- Usage Monitoring
- APIs
- Web
- Hypervisors

Virtualisation & Virtual Machines

Single Tenancy vs Multi Tenancy

Single Tenancy: User A @ Company 1, User B @ Company 1, User C @ Company 1
Multi Tenancy: User A @ Company 1, User B @ Company 2, User C @ Company 3

Managing the Cloud in organisations
Concerns how enterprise IT department manages cloud services with different stakeholders such as:

- With rest of the enterprise organisation
- With the State
- With Suppliers (Cloud Service Providers & Vendors)

Managing the Cloud: vis-à-vis the rest of the organisation
Management of cloud =
- sourcing
- purchasing
- integration with portfolio
- usage
- When to get rid of

Who manages Cloud services?
- The IT Department ... Or
- Departments themselves (e.g. marketing, sales, finance etc)
- LOBs provisioning their own services ... DropBox security
- Enterprise Cloud Service Broker
- Bring Your Own Device (BYOD)

The changing role and skill sets of the IT department in a Cloud based enterprise
This will affect you!

Governance of Enterprise Cloud: vis-à-vis the state (national & EU law)
What kind of law? ... Typically
- processing of personal data
- free movement of personal data

Compliance with local laws & regulation
- Act No. 31 relating to the processing of personal data (Personal Data Act) (14 April 2000)
- Data laws and regulations increasingly by industry vertical
- E.g. retail banking - Bankenes Standardiseringskontor (BSK)

Compliance with international laws
- EU Directive 95/46/EC Data Protection Directive
- Industry verticals e.g. finance
- Section 404 of the Sarbanes-Oxley Act of 2002
- Complexity of competing jurisdictions (customer in Norway, CSP in USA, host in India)

Audits
- E.g. SAS 70

Governance of Enterprise Cloud: vis-à-vis suppliers (& contracts)
Contractual relationship
- Can have similarities to outsourcing contract
- Tensions between the different parties

Enterprises desire tight & tailored contracts offering
- Equivalence to In house systems
- Measures to minimise perceived risk (see next page)
- Commitment to detailed levels of service allowing enterprises to retain control
- Outsourcing style contracts

Public CSPs desire loose & general contracts reflecting
- Commoditised XaaS style services
- Risk Avoidance
- Minimum SLAs (a la Amazon)

Example Risks
Geographic Risk, e.g. Whose Jurisdiction?

Data Security Risks, e.g. What happens when you move Cloud Service Provider?

Contractual Risks, e.g. Can supplier change terms without me knowing?

Architectural Risk, e.g. How secure are multitenancy architectures really?

Ecosystem Risk, e.g. Long supply chain in Cloud: your service is as strong as the weakest link

Global adoption of cloud in the enterprise
Enterprise adoption of cloud is still immature
- In Norway adoption is more cautious still: less economic incentives

Enterprises Still Sceptical of Public cloud
- Perceived loss of control & increased levels of risk
- Outweigh the benefits of public cloud

Much greater Public Cloud adoption within SMEs

Global adoption of cloud in the enterprise
Public Cloud possibly used for non core data & services
- CRM - Salesforce.com
- Productivity - Microsoft Office 365

Private Cloud used for core data & services
- Core Data: Customer / HR / Finance & Accounting
- Core Services: Essential Business Processes core to the enterprise

Global adoption of cloud in the enterprise
In order that Public Cloud is adopted more widely in enterprises

either
Enterprises must learn to trust large scale public Cloud SPs & accept the risk

or
Large scale CSPs improve their contractual terms to accommodate enterprises

or perhaps a bit of both

Spare Slides

(NIST) Cloud Reference Architecture
Figure labels: Cloud Provider (Service Orchestration with Service Layer, Resource Layer and Physical Layer; Cloud Service Management; Security; Privacy), Cloud Consumer, Cloud Auditor, Cloud Broker, Cloud Carrier
Source: Liu et al (2011) NIST Cloud Computing Reference Architecture

Service Layer
Service Layer (s/w): IaaS, PaaS, SaaS; Web, HTTP (REST / SOAP)

Physical Resource Layer
Physical Resource Layer (h/w): Hardware, Facility

Multi Tenancy & Risk

On-Premises Data Centre (e.g. Private Cloud)
Off-Premises Data Centre (e.g. Public Cloud)
From: Cloud Security Alliance - https://wiki.cloudsecurityalliance.org/guidance/index.php/Cloud_Computing_Architectural_Framework
Security Concern? Independent organisations sharing the same hypervisor

Comparison of Service Orchestration Stacks
- Public (Amazon AWS): Monolithic, Black Boxed, Closed. Cloud Service Provider Has Control
- Private (Open, Cloudstack): Open, Layered, Modular. Enterprise/Outsourcer Has Control