A Perspective on Scientific Cloud Computing

Similar documents
Cloud Standards: Vincent Franceschini CTO Intelligent Data Fabrics, Hitachi Data Systems Chairman Emeritus, SNIA

Beyond Status and plans

Topics of Discussion

Agenda. Sill, Alan Texas Tech University Workshop Introduction 8:30 AM Recently Released OGF Standards; US Federal and Other Roadmap Efforts

Fundamental Concepts and Models

Securing Data in the Cloud: Point of View

Open Grid Forum. OGF s Role in the Community

Cloud Computing. Rainer Zimmermann

Government IT Modernization and the Adoption of Hybrid Cloud

Part III: Evaluating the Business Value of the Hybrid Cloud

einfrastructures Concertation Event

Cloud First Policy General Directorate of Governance and Operations Version April 2017

Analytics in the Cloud Mandate or Option?

Overview of International Standards for Cloud Computing

Practical Guide to Cloud Computing Version 2. Read whitepaper at

Cloud Essentials for Architects using OpenStack

How to ensure control and security when moving to SaaS/cloud applications

Future Shifts in Enterprise Architecture Evolution. IPMA Marlyn Zelkowitz, SAP Industry Business Solutions May 22 nd, 2013

PUBLIC AND HYBRID CLOUD: BREAKING DOWN BARRIERS

CSA GUIDANCE VERSION 4 S TAT E O F T H E A R T CLOUD SECURITY AND GDPR NOTES. Hing-Yan Lee (Dr.) EVP, APAC, Cloud Security Alliance

Accelerate Your Enterprise Private Cloud Initiative

Cloud Computing Private Cloud

COMPTIA CLO-001 EXAM QUESTIONS & ANSWERS

Standardization Activities for Cloud Computing

Cloud Computing. Presentation to AGA April 20, Mike Teller Steve Wilson

NIST Cloud Computing Security Working Group

Practical Guide to Platform as a Service.

Cloud Storage Securing CDMI. Eric A. Hibbard, CISSP, CISA, ISSAP, ISSMP, ISSEP, SCSE Hitachi Data Systems

Chapter 4. Fundamental Concepts and Models

United States Government Cloud Standards Perspectives

Cloud Computing An IT Paradigm Changer

A guide for IT professionals. implementing the hybrid cloud

The Challenge of Cloud Security

Cloud Computing: Making the Right Choice for Your Organization

Building a Secure and Compliant Cloud Infrastructure. Ben Goodman Principal Strategist, Identity, Compliance and Security Novell, Inc.

hcloud Deployment Models

Security and Privacy Governance Program Guidelines

Securing Your Cloud Introduction Presentation

Cloud Strategies for Addressing IT Challenges

Cloud Going Mainstream All Are Trying, Some Are Benefiting; Few Are Maximizing Value

Cloud Standardization

Presented by Wolfgang Ziegler, Open Grid Forum

Cloud Going Mainstream All Are Trying, Some Are Benefiting; Few Are Maximizing Value

NATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES

About the DISA Cloud Playbook

The Business of Security in the Cloud

Cloud Computing, SaaS and Outsourcing

Cloud Going Mainstream All Are Trying, Some Are Benefiting; Few Are Maximizing Value. An IDC InfoBrief, sponsored by Cisco September 2016

The Emerging Role of a CDN in Facilitating Secure Cloud Deployments

Security Models for Cloud

NIST Public Working Group on Federated Cloud (PWGFC) IEEE P2302 Intercloud Kickoff

Protecting Your Cloud

Next-Generation HCI: Fine- Tuned for New Ways of Working

Enhanced Privacy ID (EPID), 156

Practical Guide to Hybrid Cloud Computing. Cloud-Computing.

Cloud Customer Architecture for Securing Workloads on Cloud Services

How to avoid storms in the cloud. The Australian experience and global trends

CLOUD COMPUTING. The Old Ways Are New Again. Jeff Rowland, Vice President, USAA IT/Security Audit Services. Public Information

Run the business. Not the risks.

Cloud Computing Standard 1.1 INTRODUCTION 2.1 PURPOSE. Effective Date: July 28, 2015

Navigating the Clouds Fortifying ITIL for Cloud Governance

Securing the Cloud Today: How do we get there?

Migration to Cloud Computing: Roadmap for Success

Leveraging the Cloud for Law Enforcement. Richard A. Falkenrath, PhD Principal, The Chertoff Group

ISAO SO Product Outline

Making Privacy Operational

Architectural Implications of Cloud Computing

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

Cloud Services. Infrastructure-as-a-Service

Cloud Computing: Standardization Challenges EC/ETSI Workshop on Standards in the Cloud Emmanuel Darmois September 28, 2011

Cloud Computing and Its Impact on Software Licensing

Service Provider Consulting

Cloud Computing the VMware Perspective. Bogomil Balkansky Product Marketing

Business Technology Briefing: Fear of Flying, And How You Can Overcome It

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

CLOUD GOVERNANCE SPECIALIST Certification

Angela McKay Director, Government Security Policy and Strategy Microsoft

* Inter-Cloud Research: Vision

Copyright 2011 EMC Corporation. All rights reserved.

Healthcare IT Modernization and the Adoption of Hybrid Cloud

IBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan

DISA CLOUD CLOUD SYMPOSIUM

Managing Your Privileged Identities: The Choke Point of Advanced Attacks

Should You Use Liberty or Passport for Digital Identities?

10 Cloud Myths Demystified

CLOUD STANDARDS INTEROPERABILITY: STATUS UPDATE ON OCCI & CDMI IMPLEMENTATIONS

Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

Choosing a Secure Cloud Service Provider

Multi Packed Security Addressing Challenges in Cloud Computing

Mitigating Risks with Cloud Computing Dan Reis

Managing Trust in e-health with Federated Identity Management

Secure Technology Alliance Response: NIST IoT Security and Privacy Risk Considerations Questions

SIMPLIFY, AUTOMATE & TRANSFORM YOUR BUSINESS

HOW IT INVESTMENT STRATEGIES HELP AND HINDER GOVERNMENT S ADOPTION OF CLOUD & AI

VMware vcloud Air Network Service Providers Ensure Smooth Cloud Deployment

Shaping the Cloud for the Healthcare Industry

Towards a National Cloud Strategy for Kenya

3 rd CloudWATCH Concertation Meeting Turning cloud research into innovative software & services

IT Service Quality amidst a World Gone Cloud. June 2012 V: 2.0

Click to edit Master title style

Transcription:

A Perspective on Scientific Cloud Computing Science Cloud Workshop, June 21, 2010 Dr. Craig A. Lee, lee@aero.org President, OGF, www.ogf.org Senior Scientist, The Aerospace Corporation A non-profit, federally funded R&D center

Introduction Cloud computing has many potential benefits As well as potential pitfalls Different organizations -- industrial, scientific & governmental will have different requirements and perceived risks for cloud computing How will these different requirements and risks drive their cloud adoption? How will these different requirements drive cloud deployment trajectories? And what can we do about it? 2

www.gpoaccess.gov/usbudget FY 2010 US Federal IT Budget: $79B ~70% spent on maintenance US Federal CIO pursuing cloud computing Apps.gov, data.gov web sites stood up NASA Ames Nebula cloud to be first back-end 3

A Scientific and Operational Grand Challenge Basic Science, Computational Science, Data Access, On-Demand Resources actual path 5 days out 2 4 1 3 Philip Bogden, (Past) SCOOP Program Director scoop.sura.org/documents/mts_journal_article_final.pdf

Expected Benefits, in General Provider-oriented Benefits Improver server utilization Improved reliability Greener IT Clear business models User-oriented Benefits Commodification of compute resources Managing surge requirements Ease of application deployment Virtual ownership of resources 5

Issues Security Information Assurance Governance Regulatory, Legal -- SLAs Portability & Interoperability Data and Applications Licensing Cloud licenses must be hardware & location agnostic Cost Where's the break-even point? General Scientific Performance Management Abstraction vs. Control -- SLAs Portability & Interoperability Data and Applications Execution Models Frameworks & SaaS Security Information Assurance Governance Regulatory, Legal -- SLAs Cost Where's the break-even 6 point?

Major Cloud Deployers & Adopters? Science Many operational grids introducing cloud functionality Industry Beyond client-provider to business-tobusiness Government -- National Cloud Initiatives US Cloud Storefront Concept Japanese Kasumigaseki Cloud Concept UK G-Cloud Concept 7

Cloud Deployment Modes Public Cloud Hybrid Cloud Hybrid Cloud Private Cloud Federated Cloud Private Cloud Organization A 8 Organization B

Key Observation The distinction between private and public clouds is really a relative distinction between whether you "own" the resources or not -- whether the resources are inside or outside your security perimeter, i.e., your administrative domain. Can you enforce membership, usage, and security policies? Do you know who your cloud tenants are and how they will behave? 451 Group identifies Trust and Control as the primary inhibitor of cloud technology, followed by Interoperability, Portability and Licensing ( It Is Cloud report, June 2010) Cloud Security Alliance Security Guidelines document listing many security and regulatory issues 9

What is the Likely Trajectory? Top-Down deployment/adoption of public cloud? Appealing from end-goal perspective, such as national cloud initiatives Challenge: Recruiting enough users whose security, reliability, and control requirements can be met Bottoms-Up deployment of organizational clouds? Realistic starting-point for many organizations -- much easier to control policy, security, risk, liability Challenge: Mitigating the risk of creating cloud silos that are non-interoperable -- cannot federate or hybridize 10

My Opinion Commercial public clouds will not evolve fast enough to accommodate the spectrum of user requirements across industry, science and government Many US gov agencies deploying their own private clouds Informal US GSA survey identified at least 50 gov cloud projects in 2009 Science cloud users will want more control of their applications Private clouds will be the predominant way that organizations adopt cloud computing for "serious work Allows in-house solutions to security, regulatory, performance issues This premise produces a trajectory of deployment issues, which in turn, can be used to produce a deployment, develop and research roadmap 11

Landscape Legal/Org. Technical Progression of Issues & Concerns Private Federated Hybrid Public Everything within secure perimeter Known number of known tenants Unknown tenants but secure perimeter No secure perimeter Job types & mixes Data access/interop Storage mgmt Workload mgmt Reliability Energy mgmt Governance VMs, VNs, VDCs Costing models Avoid vendor lock-in Harmonize/shake-out basic infrastructure standards ID mgmt VO mgmt Distributed workload mgmt Portability Interoperability Agreement on joint operations e.g., International Grid Trust Federation Harmonize/shake-out relevant standards Federation Distributed mgmt SLAs Full Security Privacy Data Leakage Denial of Service Eff. data deletion Outsourceable tasks Cost Predictability Liability Reporting Co-tenant reputation Provider viability Audits Legal Precedent Harmonize/shake-out relevant standards Practical ways to operate on encrypted data (not!) Virtual Private Clouds On-site inspections Understand & test provider s operation Harmonize/shake-out relevant standards Issues/Concerns Accumulate 12 Left to Right

Research Development & Risk Mitigation Deploymen t Draft Roadmap Dartboard Phase I Phase II Phase III Phase IV Existing IaaS processing and storage ID mgmt Develop common, extensible data arch & semantics Testbed Bake-off Reliability practices Workload mgmt Costing models Joint practices VO mgmt Dist Wrkld Mgmt Data access & interop Energy Mgmt SLAs at scale PaaS capabilities Auditing/Reporting mechanisms Regulatory support Set legal precedent Hybrid infrastructure SLAs Auditing/Monitoring/Re porting Cloud DNS VN, VDC, VPC demonstration Various security tools VN, VDC, VPC Secure operations Organizations deprecate their own infrastructures Virtual Enterprise/Mission Support Autonomic systems SLAs & governance to support job mix Event Notification at scale Various security issues Naming Cloud DNS VN, VDC, VPC mgmt Autonomic policy enforcement Virtual Missions Virtual Enterprises Encrypted operation Quantum computing 13

A Coordinated Short List Identity Management and Virtual Organizations Role-based authorization Supports cloud federation and business-to-business operations Manage ecosystem of Cloud Trust Management Portability and Interoperability Move workload between Cloud Provider A and B, while maintaining security and service levels Move workload "out" and "back-in" to same cloud, while maintaining security and service levels Common API semantics for managing cloud applications Control and Performance Management Clouds are enabled by a simplified interface that "abstracts away" how the actual infrastructure works What are the minimal abstractions that can be exposed through Service Level Agreements -- to users to enable adequate control? 14

What Can We Do About This? How can we drive cloud standards and adoption? Coordinate technology roadmapping efforts Leverage National Cloud Initiatives Coordinate existing groups & resources Many standards organizations pursuing cloud standards Promote technology demonstrations "Shake-out" standards and implementations Promote a more formal process

Cloud-Standards.org An informal group of Standards Development Organizations (SDOs) collaborating to coordinate and communicate standards for cloud computing, networks and storage Wiki: cloud-standards.org Mailing List: groups.google.com/group/cloudstandards Open Cloud Consortium Different SDOs bring different but complementary technologies & capabilities Storage, execution models, deployment models, service level agreements, security, authentication, privacy All interested, committed persons and organizations with relevant technical skills can participate

Emerging Cloud Standards OGF Open Cloud Computing Interface DMTF Open Virtualization Format SNIA Cloud Data Management Interface Together these represent the basis for standard IaaS 17

Open Cloud Computing Interface Focus on interoperable IaaS Cloud API: www.occi-wg.org Goal: Creation of a simple and RESTful API Simple and very extensible: ~15 commands Solid community interest 160 members on mailing list across industry & academia Four Main Documents Available The OCCI Core & Models The OCCI Infrastructure Models OCCI XHTML5 Rendering OCCI HTTP Header Rendering Four implementations OpenNebula (existing) Istituto Nazionale di Fisica Nucleare (INFN) (existing) SLA@SOI (planned) anonymous 18

OCCI Overview GET http://abc.com/uid123foobar/ Provider Instance Compute Operations (start, stop, delete, update) Covered by OCCI Storage Network Atom-like categories Resource Links Attributes HTTP LINK header

DMTF Open Virtualization Format A multi-vendor format enabling interoperability Exactly one XML document defining the content and requirements of the virtual appliance Optional SHA-1 digest for package data integrity Optional certificate for package authenticity Zero or more disk image files representing virtual disks for the virtual appliance

SNIA Cloud Data Mgmt Interface Manages the provisioning of block-oriented, file-oriented & object-oriented storage Used by permission.

A More Formal Process Drive incremental progress through near-term projects Build Critical Mass of Key Stakeholders Continual polling and coordination across the community Forge agreement on: Clear Goals Clear Schedule ( time-box the process) Clear Responsibilities Proper Provisioning of the Effort Major Stakeholders Must Contribute: Time, Money & People Technical staff must engage to do the real technical work The more people "invested", the more your agenda addressed! Deliver ROI to the Stakeholders Targeted Projects on Key Issues 22

One Iteration of this Process 23

Summary & Take-Home Message Argued that bottoms-up approach of evolving from private to public clouds acknowledges and leverages how the real-world works Draft roadmap dartboard presented Deployment, Development /Risk Mitigation, Research Coordinated Short List of Capabilities Reviewed status of OCCI, OVF, CDMI Series of demonstrations possible to harmonize/shake-out existing/developing standards Discussed ways to drive progress Many roadmapping efforts: NIST, SIENA, GICTF We must coordinate and collaborate 24

Thank you Questions? lee@aero.org Upcoming Event: OGF-30 Brussels, October 25-29, 2010 SIENA Roadmap Meeting ACM/IEEE Grid 2010 conference 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback