microsoft-private-cloud
Page 3
Agenda
Objectives
Clearing confusion around cloud computing
Introducing the Windows Azure platform AppFabric
• Service Bus
• Access Control
Solving “Problems” with Windows Azure platform AppFabric
Page 4
Objectives
Define cloud computing
AppFabric’s Service Bus and Access Control Capabilities
Solving cloud “problems” with AppFabric’s Service Bus and Access Control
Page 5
How Microsoft Views the Cloud
Fundamentals
• Scale out
• Automated Service Management
• High Availability
• Multi-tenancy
Considerations
• Infrastructure: Heterogeneous / Homogeneous
• Business model: OpEx / CapEx
• Ownership: Lease/Rented / Owned
• Management: Third Party / Self
• Location: On premises / Off premises
Page 7
Software + Services Architecture
“When you combine the ever-growing power of devices and the increasing ubiquity of the Web, you come up with a sum that is greater than its parts.” —RAY OZZIE
Page 8
Introducing Windows Azure
Windows Azure is an internet-scale cloud services platform hosted in Microsoft data centers around the world, providing a simple, reliable and powerful platform for the creation of web applications and services.
Page 10
Simplified, Secure Connectivity for the Cloud
Service Bus and Access Control in Windows Azure platform AppFabric are powerful building blocks.
AppFabric SERVICE BUS: Connect apps & services
AppFabric ACCESS CONTROL: Control & secure access
Secure Connectivity
• Bridge cloud services, on-premises apps, and hosted assets
• Build distributed apps for your business or to collaborate with partners
Across boundaries
• Navigate network and security boundaries, securely and simply
• Federate identity and access across organizations and ID providers
• Simplify claims-based authorization for distributed apps and web services
At Cloud Scale
• Scale up and down as your business requires
• Automated service mgmt. and dynamic scale
• Interoperate with a variety of languages and industry standards
Page 11
AppFabric Service Bus Connectivity
Exchange messages between loosely coupled, composite applications.
Direct connection facilitated by Service Bus if that is the best connection mechanism.
Text, XML, Graphics, Binary Data, Streaming
[Diagram labels: Application #1, Application #2, Firewall, Send, Receive]
Page 12
AppFabric Service Bus
• Expose apps and services over the internet across firewall, domain, and network boundaries
• Communicate bi-directionally between in an interoperable manner
• Choose interaction patterns to fit your application architecture, like eventing, service remoting, and protocol tunneling
• Scale out naturally and reliably as applications and services grow
Page 13
Interaction Patterns
Eventing: FB status, lightweight updates, event driven. Something happens and you get a notification.
Service remoting: Reach in and have some control over the information that I get from a service that lives elsewhere. Stock: I want to get price, next time I want to get volume.
Tunneling: Established set of formats where information is exchanged. Exchange is asynchronous. Dedicated connection. Something closer to full remote control and visibility of application.
Page 14
AppFabric Service Bus Capabilities
[Diagram labels: Service Registry, Federated Identity and Access Control, Application Messaging Patterns, Connectivity Fabric]
Connectivity Fabric lets you set up a raw link across boundaries
• NAT / firewall traversal
• Mobile & intermittently connected receivers
Application Messaging features provide various ways to communicate across that link
• Bi-directional/peer-to-peer communication
• Cloud buffering – web integration and message buffers
Service Registry makes apps and services discoverable to each other
• Stable URIs for services
• Discovery – supports Atom pub, …
Page 15
AppFabric Access Control
Applications or Users
Simplify and automate complex authorization schema requests.
Provide abstraction for federated claims-based authentication.
Easily establish secure trust relationship.
Data and Applications
Page 16
AppFabric Access Control Overview
What it is:
• Federated authorization management service
What it does:
• Simplify user access authorization across organizations and ID providers
• Perform claims transformation to map identities with access levels
Use it to:
• Secure AppFabric Service Bus communications
• Secure RESTful web services
Page 17
AppFabric Access Control Capabilities
Hosted Security Token Service
• The output security token contains claims computed from claims in incoming tokens
Standards Based
• Works with Java, Ruby, PHP, etc.
Define and manage rules to map claims to claims
• Create and manage scopes; e.g. URLs
• Create and manage claim types
• Create and manage signing and encryption keys
• Create and manage rules within an application scope
• Rules can be chained; e.g. Bob → Manager, Manager → Edit; enables RBAC or more
• Manage permissions on scopes; e.g. delegation
Page 18
Architecture of AppFabric Access Control
Your Access Control Project
Your App (Relying Party)
User (Application)
0. Trust exchanged; secrets, certs
1. Define access control rules
2. Send token (initial claims; e.g. identity)
3. Map input claims to output claims based on access control rules
4. Return token (output claims from 3)
5. Send token with request
6. Check for claims
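The numbered flow on this slide, combined with the chained-rule example from the capabilities slide (Bob to Manager, Manager to Edit), modelled as an added Python example; it is not code from the deck or from AppFabric. The scope URL, claim type names, shared key and the HMAC-signed JSON token format are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Step 0: secret shared by the token service and the relying party (constructed value).
SHARED_KEY = b"constructed-demo-key"

# Step 1: rules per scope, each mapping one input claim to one output claim.
# Scope URL and claim types are hypothetical.
RULES = {
    "https://app.example/orders": [
        (("name", "Bob"), ("role", "Manager")),
        (("role", "Manager"), ("action", "Edit")),
    ],
}

def transform(scope, input_claims):
    """Step 3: apply the scope's rules until no new claim appears (chaining)."""
    known = set(input_claims)
    derived = set()
    changed = True
    while changed:
        changed = False
        for condition, output in RULES.get(scope, []):
            if condition in known and output not in known:
                known.add(output)
                derived.add(output)
                changed = True
    return derived  # only computed claims go into the output token

def issue_token(scope, input_claims):
    """Step 4: return a signed token carrying the output claims."""
    claims = sorted(transform(scope, input_claims))
    body = json.dumps({"scope": scope, "claims": claims})
    sig = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + sig

def check_claim(token, scope, required):
    """Step 6: relying party verifies signature and scope, then checks the claim."""
    body, _, sig = token.rpartition(".")
    expected = hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return False  # altered token or wrong key: ignore its claims entirely
    data = json.loads(body)
    return data["scope"] == scope and list(required) in data["claims"]
```

The relying party never evaluates identity itself: it trusts only the signature and the scope, then looks for the output claim, so a token issued for one scope or edited after issue grants nothing.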
Page 19
Federated Identity with Microsoft “Geneva”
Windows Identity Foundation Complements AppFabric Access Control
AppFabric Access Control simplifies and externalizes complex authorization requests: What are you now ALLOWED to do?
Active Directory and Live ID provide the authentication via Windows Identity Foundation: Who are you?
[Diagram labels: Enterprise On-premises, Active Directory, Active Directory Federation Server v2, FEDERATED IDENTITY, Windows Identity Foundation, AppFabric Access Control, Microsoft Federation Gateway, Windows Live ID, Web applications, Finished Services, Scalable Services]
Page 20
CASE STUDY
Integration Specialist Speeds to Market with Cloud-to-Cloud Interoperation
Company Profile: Cast Iron Systems provides application integration solutions that help organizations connect many kinds of business software. The Mountain View, California–based firm employs 100 people.
Situation/Solution: When Microsoft announced the Windows Azure™ platform, Cast Iron wanted to enhance its integration solution with better connectivity to other public and private cloud offerings and to on-premises data.
Cast Iron used AppFabric’s Service Bus and Access Control, developer services that run on Windows Azure, to quickly provide broad connectivity with other data sources.
Benefit Drivers:
• Trustworthy: Customer’s confidence in Microsoft’s scalability
• Agility: Scalability for customers’ needs
• Focus: Deliver services rather than working on coding integration interfaces
Key Advances: The ability to scale and gain confidence from customers by doing so with Windows Azure platform and the ability to focus on delivering services instead of wasting resources on coding integration interfaces.
“Without the Service Bus and Access Control, we would have had to create our own service bus infrastructure, which would have taken months.” —Rishi Vaish, Vice President of Engineering, Cast Iron Systems
Page 21
CASE STUDY
Developer Scales Search-and-Rescue Application to Help Save More Lives at Sea
Company Profile: Active Web Solutions (AWS), based in Ipswich, United Kingdom, is a Microsoft® Gold Certified Partner that specializes in Web application and custom software development. It has 35 employees.
Situation/Solution: AWS needed a way to scale its successful sea-safety application so that more lives could be saved, but wanted to avoid an expensive development effort and costly infrastructure expansion.
AWS migrated its application to the Windows Azure™ platform and used AppFabric’s Service Bus and Access Control to provide global communications scalability.
Benefit Drivers:
• Efficiency: Avoidance of huge capital costs
• Agility: Massive scalability and faster time to market
• Focus: Create new market opportunities and less resources on infrastructure needs.
Key Advances: The ability to scale without huge infrastructure costs, move new applications and software to market faster, and create new market opportunities.
“Our original architecture supported 10,000 vessels, but the Windows Azure platform enables us to support hundreds of thousands or even millions of vessels, without any capital expenses.” —Richard Prodger, Technical Director, Active Web Solutions
Page 22
CASE STUDY
Systems Integrator Launches Innovative Software with Minimal Capital Investment
Company Profile: Dot Net Solutions is a United Kingdom–based systems integrator specializing in building bespoke solutions with Microsoft® products and technologies. The company takes pride in producing defect-free software—on time and within budget.
Situation/Solution: To improve its own development process, Dot Net Solutions created a virtual project-collaboration application.
When the software, called ScrumWall, drew great interest from customers, the company used the Windows Azure™ platform to offer it as a hosted service.
Benefit Drivers:
• Efficiency
• Minimal Investment Risk
• Expanded Business Opportunity
• Agility
• Ease of Deployment
Key Advances: The ability to bring a new product to market without a risky capital investment, allowing the company to safely foray into new territory that may hold high revenue potential.
“Windows Azure enables us to move into the realm of the ISV. We’re already experts at delivering custom software for customers. We can now take these skills and build a software product, delivering it to a potentially massive user base—but without the risk of hosting it on our own infrastructure.” —Dan Scarfe, Chief Executive Officer, Dot Net Solutions
Page 23
CASE STUDY
Worldwide News Provider Creates New Content Channels with Hosted Computing
Company Profile: The Associated Press (AP) provides up-to-the-minute news and information for newspapers, radio, television, and the Internet, 24 hours a day, 7 days a week. It is the world’s largest and oldest news organization, with 243 bureaus in 97 countries and a worldwide staff of 4,100. AP serves 1,700 newspapers and 5,000 broadcast outlets in the United States, along with 550 international broadcasters.
Situation/Solution: AP wanted to open potential revenue streams and find new customers for AP content with a highly scalable application programming interface (API) that developers worldwide could use to incorporate into their applications.
AP originally considered an on-premises solution, but was concerned about the up-front investment in hardware and software. After considering several “cloud computing” platforms, AP chose to base its offering on the Windows Azure™ platform.
Benefit Drivers:
• Efficiency: Low up-front investment and easy-to-use development tools.
• Agility: Scale to reach demands and quick prototype and implementation.
• Focus: Simplified capacity planning and innovate new business opportunities.
Key Advances: The ability to scale and meet demand, work with smart development tools, plan a capacity budget, decrease up-front costs, and focus on new business opportunities.
“Capacity planning is the thing that stands out as the biggest advantage of the Microsoft cloud model. The Windows Azure platform takes that out of the equation for us, unlike the other cloud providers.” —Jonathan Malek, Chief Architect and Director of Research, Associated Press
Page 24
The Developer Experience
Developers use existing skills and tools.
Flexible, Internet-scale service
• Part of the Windows Azure platform
• Use it to connect cloud services to on-premises assets
• Or consume as a cloud service for composing “traditional” web and enterprise services
Standards-based and interoperable
• Support web standards
• Program in multiple languages and frameworks, including .NET, Java and Ruby
• Interface via API or Web console
• Compose apps that span multiple platform providers
Extends existing investments
• Build on proven Microsoft technology and programming models
• Leverage your familiarity with .NET experience, tools, frameworks
• Develop, debug, test, and deploy from Visual Studio
• Compatible with MS stack
Page 25
Windows Azure Platform Roadmap
[Slide labels: Commercial Release, CTP, Future, Web 2.0, Enterprise, Partners]
• Rich Service Templates
• Multiple Geo Locations
• Multiple Languages
• Full Trust
• Active Directory and Web ID
• Relational & Virtualized Database
• Auto DB Management

• Simple Service Templates
• One Geo
• ASP.NET
• Medium Trust
• Automated Service Management
• Service Bus, Access Control

• Admin Mode/VM Deployment
• Geo Replication & On Premises
• Systems Center Integration
• Enterprise ID Federation
• Distributed Queries & CLR
• Analytics & reporting
• Data Synch (DataHub)
Page 26
RESOURCES:
www.microsoft.com/windowsazure/partners
partner.microsoft.com/azure
www.azurequickstart.com
SERVICE BUS and ACCESS CONTROL
Stay Updated
Know more about Windows Azure: http://www.microsoft.com/windowsazure/
Know more about Microsoft Cloud Services: http://www.microsoft.com/india/cloud/
Request an Enterprise Cloud Assessment workshop: email us at [email protected]