Your SlideShare is downloading. ×
Progam slides | December 17, 2013 | Federal Cloud Computing Summit
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Progam slides | December 17, 2013 | Federal Cloud Computing Summit

776
views

Published on

Program sides from the Federal Cloud Computing Summit on Dec. 17, 2013 at the Ronald Reagan Building in Washington, D.C.

Program sides from the Federal Cloud Computing Summit on Dec. 17, 2013 at the Ronald Reagan Building in Washington, D.C.

Published in: Technology, Business

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
776
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Thanks collaboration session attendees. great turnout from government, industry, and academia generated actionable recommendations for major cloud challengesThank Tom Suder and MobileGov for hostingThanks government and industry for attending
  • From MITREThought leader in cloud computingLead cloud research for the DoD and ICCurrent focus is on tactical clouds, ad-hoc cloud data sharingSTEM Outreach lead in Hampton RoadsAlso a PhD Student at ODUResearching web scienceIncluding the Memento project focusing on web-scale data extraction and organizationIn my work:Established an understanding of major challenge areasSeen parallels between government, industry, and academiaThe collaboration sessions we held yesterday provided an opportunity for each of those three groups to collaborate on lessons learned, approaches, and actionable recommendations for solving these challenge areas.More importantly, this is the first attempt at establishing a government-industry-academia community of collaboration around cloud computing.
  • Recommendations for migrating to- and between-cloudsApproaches for ensuring data and service portabilityRecommendations/Approaches/Standards for allowing cross-cloud communication and data sharing (both between and within silos in the government).
  • Recommendations for migrating to- and between-cloudsApproaches for ensuring data and service portabilityRecommendations/Approaches/Standards for allowing cross-cloud communication and data sharing (both between and within silos in the government).
  • Recommendations for migrating to- and between-cloudsApproaches for ensuring data and service portabilityRecommendations/Approaches/Standards for allowing cross-cloud communication and data sharing (both between and within silos in the government).
  • Recommendations for migrating to- and between-cloudsApproaches for ensuring data and service portabilityRecommendations/Approaches/Standards for allowing cross-cloud communication and data sharing (both between and within silos in the government).
  • Recommendations for migrating to- and between-cloudsApproaches for ensuring data and service portabilityRecommendations/Approaches/Standards for allowing cross-cloud communication and data sharing (both between and within silos in the government).
  • As mentioned, this is the first attempt at utilizing academics at this scalePast academic publications include foundations for cloud.Many relevant discoveries have come out of academia. Government has the opportunity to direct which outcomes are worked.Benefits to Industry/GovernmentAcademics provide theoretical perspectiveCapable of research grant money (NSF)Provide high-level outcomesPageRank, kryder’s law and its role in cloud pricing, and the REST paradigm were all academic deliverables – peer review and doctoral worksBenefits to Academia:Curriculum designIncreased research fundingHigher quality graduatesBetter workforce, increased collaboration, higher-quality deliverables
  • Call for mentor participationHelp direct curriculaSet research goalsLeverage academic researchCreate partnerships/talent pipelinesWe are working to create the community around thisLeverage the contacts to government, academia, and industry between AMARC and MITRE
  • As a testimony to academic successes and planned use, I’d like to introduce Dan Mintz from AMARC.
  • Hi, I’m Adam PorterToday, I’d like to do three things.I’ll talk briefly mention what mobile cloud computing is.I’ll talk about some big changes that are happening in training and educationAnd I say a few words about these trends are further influenced by mobile cloud computing and what that may mean for organizations that provide or consume learning and development services
  • Nowadays, mobile devices are the way that most people access computing
  • There’s a rich variety of smart phone and tablet devices out there and it’s no wonder why they’re popular. They have many great properties:
  • They’re lightweight. You can carry them around in a briefcase, purse, or pocketThey’re sensor-enabled, so they know where you are, where they’re pointed, how they’re being moved, and applications can change their behavior based on this informationAnd they use wireless and cellular networks to stay connected to the Internet almost everywhere they go.On the downside, however, they’re not as resource-rich as traditional computers – they are less powerful, have less memory and have limited battery power.
  • So mobile cloud computing is a way to get the best of both worlds.
  • With mobile cloud computing, lightweight, context-aware devices, become extensions of powerful remote computing services, by interacting with them over wireless networks.
  • At the same time that mobile cloud computing is starting to mature, there are other trends that are reshaping the education and training landscape as well.
  • Now one term you may have heard or read about recently is the word MOOC.MOOC which stands for Massive, Online, Open Courses
  • In implementation terms, MOOCs are cloud-based, Interactive Learning SystemsA typical course has a bunch of videotaped lectures and tutorials, each broken into 5-10 minute segmentsAfter each segment, there are often questions for the students to answerAnd each lesson, can have some activities to do, including online quizzes and hands-on assignments, that are graded with a mix of automated and manual means.
  • For example, In January, I will be teaching a MOOC course called Programming Mobile Applications for Android Handheld Systems on the Coursera platformRight now, the course has around 75K students signed. I expect that we’ll have over 100K by the time the course starts.This course will actually be taught as part of a 3-course sequence with 2 other professors from Vanderbilt Univ, so it’s a first step towards an “a la carte” style of education in which courses cross institutional boundaries, and students pick and choose from a wide variety of courses, offered by a wide variety of instructors
  • To give another example, the Code Academy’s week of code program provided tutorials on programming to over 15Million students, who took them, writing over 500 Billion lines of code.
  • So education and training is changingLearning market is expanding and people are students and need to learn throughout their lifetimesIn addition, the distinction between teach and student is blurringWhat you know` as long as you can prove that you know it, is becoming relativelymore important thanwhere you learned it. There’ s going to be a lot more emphasis on students creating portfolios to showcase what they’ve learned.
  • Content is still king, but basicinformation delivery is increasingly becoming a commodity.In my opinion, the real value-added differentiator will be in human, hard to outsource areas, such as hands-on activities, access to cutting edge facilities & projects, collaborations, and face-to-face networking.Overall, market power is shifting from institutions to instructors and students. There’s more choice. There are more options for students, so competition among providers will increase.
  • Now when you bring mobile cloud and education together, there are several additional trends that will further reshape the landscape as well.
  • Increasingly, education will be delivered on mobile devicesLearning providers will begin to exploit mobility & context to teach in new ways, at new timesThere will be more opportunistic education, done out in the real world, rather than in a traditional classroom, in which students interact with real things.
  • Mobile devices will also redefine who the learner is. Traditionally employee’s and students are the learners, but now so are our bosses, our and potential customers or clients, and even the general public.Going forward, more mobile education will be backed by powerful cloud services, so the educational experience can leverage complex computations, interact with simulators, support data analytics, and more.To finish up, let me give you a quick example of some interesting mobile education prototype systems.
  • This is a screen shot of the MARS Superintendent, by PAR Works, a company co-founded by Jules While of Vanderbilt UniversityThis products allows you to tag physical objects, for example, on a Factory floor, with structured information. Users point their device at an object and can then see relevant information superimposed over the object.
  • For example, you can attach safety training information related to a particular piece of equipment.
  • So thanks and I’ll turn over the mic to the next speaker.
  • CSA’s provides a simple frameworkto help organizations evaluate initial cloud risks and inform security decisions. This a quick method helps understand: Importance of what is considered to be moved to the Cloud; Organization's risk tolerance; Which combinations of deployment and service models are acceptable. It also helps get a good idea of potential exposure points for sensitive information and operations.
  • Multi-Tenancy implies use of same resources by multiple consumers from same or different organizations, as cloud services leverage shared infrastructure, data, metadata, services, and applications. Data and applications of one consumer may reside with data and applications of other consumers. The impact is visibility/access to confidential residual data or trace of operations by other tenants through the shared platforms, storage, and networks.
  • A concise version of the discussed by NIST multi-tenancy risks is provided.
  • A concise version of the discussed by NIST multi-tenancy risks is provided.
  • Cloud Computing Use Case Group started collaborative work to describe and define cases and demonstrate the benefits of cloud, with the goal to highlight the capabilities and requirements that need to be standardized in cloud environments to ensure interoperability, ease of integration, and portability. The following table presents concise definitions, based on their and the testing standards group work.CSA -- Table.
  • Concise presentation on cloud portability and interoperability categories listed by The Open Group.
  • Transcript

    • 1. Welcome to the Federal Cloud Computing Summit @fedsummits #cloudfeds
    • 2. The Federal Cloud Computing Summit Mobile App is now available for download
    • 3. Host Organization Advanced Mobility Academic Research Center AMARC is a non-profit organization that focuses on the three areas: Academic, Government & Corporate. The Academic Research sector is the bridge between Government and Corporate participation. @amarcedu www.amarcedu.org
    • 4. Agenda 8 to 9 a.m. – Opening of Cloud Technology Showcase 9 to 9:10 a.m. – Welcome, Keith Trippie, DHS 9:10 to 9:50 a.m. – Visionary Keynote, Bill Schlough, San Francisco Giants @fedsummits #cloudfeds
    • 5. Agenda 9:50 to 10:40 a.m. – Panel 1, Innovation Today Moderator: Keith Trippie, DHS Panelists: Peter Chin, DHS; Joe Klimavicz, NOAA; Mark Schwartz, DHS @fedsummits #cloudfeds
    • 6. Agenda 10:40 to 11:30 a.m. – Panel 2, Cloud Acquisition Solutions Moderator: Jason Miller, Federal News Radio Panelists: Mark Day, GSA; Keith Trippie, DHS; Oliver Voss, NNSA @fedsummits #cloudfeds
    • 7. Agenda 11:30 a.m. to 12 p.m. – Cloud Technology Showcase 12 to 1 p.m. – Cloud Innovation Awards Presenters: Greg Mundell, InfoZen & Tom Suder, AMARC The Cloud Innovation Awards recognize individuals that use cloud solutions to better accomplish the mission of their agency @fedsummits #cloudfeds
    • 8. Cloud Innovation Award Winners Matt Goodrich – General Services Administration Jennifer Gray – U.S. Department of Health & Human Services Roopangi Kadakia – NASA Julie Mintz – Defense Information Systems Agency @fedsummits #cloudfeds
    • 9. Past Cloud Innovation Award Winners Casey Coleman – General Services Administration Anil Karmel – National Nuclear Security Administration Shawn Kingsberry – Recovery Accountability and Transparency Board Dr. David McClure – General Services Administration Keith Trippie – U.S. Department of Homeland Security @fedsummits #cloudfeds
    • 10. Agenda 1 to 2 p.m. – Cloud Technology Showcase 2 to 2:45 p.m. – Panel 3, Security Harmonization Moderator: Christopher Dorobek, DorobekINSIDER Panelists: Jeff Eisensmith, DHS; Doug Gardner, DISA; Maria Roat, GSA; John Streufert, DHS @fedsummits #cloudfeds
    • 11. UNCLASSIFIED Cloud Security Model Details 12 DEC 2013 -- 1300 UNCLASSIFIED 11
    • 12. Agenda 2:45 to 3:30 p.m. – Panel 4, Recap of MITRE Cloud Collaboration Sessions Moderator: Justin Brunelle, MITRE Challenge Area 1: Interoperability & Portability Challenge Area 2: End-to-End Service Delivery Challenge Area 3: Federal-Wide Standards for SLAs Challenge Area 4: Cyber Security @fedsummits #cloudfeds
    • 13. Leveraging Academia to Solve Cloud Challenges Justin F. Brunelle The MITRE Corporation jbrunelle@mitre.org
    • 14. Thank you!
    • 15. Justin F. Brunelle jbrunelle@mitre.org
    • 16. Cloud Working Group: Tactical Cloud • Government collaboration – Data replication – Ad hoc/distributed cloud analytics – Identity Access Management – Federated Query
    • 17. Interoperability & Portability • Cloud enables interoperability • Mobile is key • Universal service catalog • Need improved models
    • 18. End-to-end Service Delivery • Need a la carte pricing • Not all services suitable for cloud • Need improved models • Assured elasticity with fixed max cost
    • 19. Federal Standards and SLAs • • • • SLAs for multiple providers Improved governance Agile methods for cloud provisioning Federal collaboration needed
    • 20. Cyber Security • • • • Need Security as a Service A la Carte security procurement Security as contractual obligation Automatic detection
    • 21. Academic Collaboration • Interop: mobile as enabler • End-to-end: need real-time to disconnected users • SLAs: improved modeling • Security: need automatic detection • Need: – Industry days – Attention to government trends – Industry to Academia Signal for need
    • 22. Academics to shape cloud landscape
    • 23. Call for mentors! • Leverage Academia • Use a talent agent – AMARC – MITRE jbrunelle@mitre.org
    • 24. Dan Mintz • • • • Executive Director of AMARC Former CIO Fed 100 Award Winner Adjunct Professor, IT Education: – Syracuse University – University of Maryland University College
    • 25. Agenda 3:30 to 4:15 p.m. – Panel 5, The Future of Cloud Moderator: Dan Mintz, Advanced Mobility Academic Research Center (AMARC) Panelists: Irena Bojanova, University of Maryland Univ. College; Chris Kemp, Former CTO, NASA & CSO, Nebula; Adam Porter, University of Md.; Dr. David Rogers, University of Central Florida 4:15 to 4:30 p.m. – Afternoon Visionary Keynote, Keith Trippie, DHS @fesummits #cloudfeds
    • 26. Welcome to the Federal Cloud Computing Summit @fedsummits #cloudfeds
    • 27. Mobile Cloud is Changing Adam Porter Training & UMD Education
    • 28. Mobile Cloud Computing
    • 29. Trends in Education
    • 30. M assive O pen O nline C ourses
    • 31. Highly scalable, cloud-based, interactive learning systems Video lectures / tutorials In-video questions Online quizzes Hands-on assignments
    • 32. https://www.coursera.org/course/android 70K+ students from all over the world Part of a multi-course sequence taught with Vanderbilt University
    • 33. 15M+ students Wrote 500B LOC
    • 34. Learning never sleeps Everyone will be a teacher and a student What you know and can show, more important than where you learned it
    • 35. Content is still king, but lessons are becoming commoditized Hands-on experiences are the real added value It’s a buyer’s market
    • 36. Mobile Cloud + Education
    • 37. Bring Your Own Device (to class) Providers will exploit mobility & context awareness Just in time learning, outside the classroom Leverage sensors to interact with real world
    • 38. Everyone’s a learner More cloud-supported learning applications Leverage complex computations, interact with simulators, data analytics, etc.
    • 39. MARS Superintendent by PAR Works
    • 40. For more information, contact aporter@cs.umd.edu
    • 41. Future of Cloud Computing Irena Bojanova, Ph.D. UMUC, NIST
    • 42. No Longer On The Horizon Essential Characteristics • Pay/charge-per-use access to applications, software development & deployment environments, and computing infrastructure. • Optimized, efficient computing through enhanced collaboration, agility, scalability, and availability. • On-demand Self-Service • Broad Network Access • Resource Pooling • Rapid Elasticity • Measured Service Service models (SPI) Natural evolution of the Web: • Software as a Service (SaaS) • Platform as a Service (PaaS) • Infrastructure as a Service (IaaS) Web Sites Applications Deployment models • • • • Private Community Public Hybrid  Next logical step for IT industry  Strategic weapon in enterprise computing  Norm in every sector of society. SaaS Developer Platforms PaaS Compute and Store IaaS Governments, organizations, and individuals adopt cloud computing  to manage information instead of infrastructure.
    • 43. Now Focus On • Initial Risks Evaluation – using CSA’s framework – – – – • Multi-Tenancy – the True Cloud solution – – –    • Importance of data and applications/functions/processes to be moved to Cloud Risk tolerance of organization Acceptable deployment and service models combinations Potential exposure points for sensitive information and operations. Data and applications of different consumers share platforms, storage, and networks Tightly related to resource pooling  Economies of scale, passed to costumers Use of newest technology and the latest software versions Logical separation is a suitable substitute for physical separation. Main risks come from not knowing the architecture One of top 6 questions to ask: Is it hosted or a true Cloud solution? Cloud-Based Integration – iPaaS – – Silos –- applications and data cannot interact with on-premise systems. iPaaS –- development, execution and governance of integration flows • Connecting on-premise and cloud-based processes, services, applications, and data • Within individual or across multiple organizations.
    • 44. Now Focus On (Cont.) • Cloud Portability, Interoperability, and Federation – – – – –   Applications and data are easily moved between platforms and providers Scaling one service across disparate providers , while appearing and operating as one system Interoperability is closely related to rapid elasticity and multi-tenancy Connecting clouds through network gateways  hybrid Cloud environment Interconnecting services of providers from disparate networks Providers wholesale or rent resources to balance workloads and handle spikes in demand Standard, pre-negotiated set of contracts.; Federation agreements. Benefits for Consumers  Choose best provider by flexibility, cost, and availability of services  Use most appropriate infrastructure environment  Distribute workloads around globe ;move data between disparate networks. Benefits for Providers  Earn revenue from idle or underutilized resources  Expand geographic footprints without building new points of presence.  Considerable effort: IEEE CS P2302 – Standard for Intercloud Interoperability and Federation.
    • 45. New Trends Nexus of Forces –evolving through convergence and mutual reinforcement of:   Social Mobile  Cloud  Big Data • Social media and mobile apps provide platform for effective social and business interactions. • Cloud offers convenient and cost effective computational and information delivery infrastructure. • New digital economy is being built upon this Nexus in combination with the Internet of Things, unlocking an incredible opportunity to connect everything together. The gap between ideas and actions is being rapidly reduced through: Near-global connectivity Pervasive mobility Industrial-strength compute services Access to vast amounts of information Without Cloud • • • Social interactions – no place to happen at scale Mobile – no connection to data and functions Information – stuck inside internal systems.
    • 46. New Trends (Cont.) • Personal Clouds (PC’s) – – – – • Hybrid Clouds Evolution – – • PC idea reborn -- control on data, apps, terms of service Personal devices  Personal services; self-hosted, provider-hosted, or hybrid Interoperable and addressable through XDI p2p marketplace – Find and engage with anyone with PC’ – trust, reputation. From integration of internal private clouds & public services  Towards bringing together personal clouds & external private services Will have to be design with interoperability and federation in mind. Private Clouds Evolution – – Will have to be designed with hybrid future in mind to be able to handle future aggregation, integration, interoperability, and customization of services Organizations implementing such clouds will have to: • Handle overdrafting and cloudbursting • Take role of cloud service brokers.
    • 47. New Trends (Cont.) From • Cloud ~ provides ubiquitous, on-demand, elastic, selfconfigurable, cost effective computing. and • Mobile ~ convenient gadgets, with regional wireless communication and limited data services and computing and power resources. Flyables Drivables To • Cloud-Based Mobile Augmentation (CMA) ~ employs Cloud to increase, enhance, and optimize computing capabilities of mobile devices. and • Cloud Mobility ~ low-end mobile devices access cloud computing resources and globally connected mobile enabled resources. Wearables Scannables
    • 48. Evaluating Initial Cloud Risks Steps in Evaluating Risk Details 1. Identify asset for cloud deployment • Determine exactly what data or applications/ function/ process is being considered for the Cloud. Potential uses of asset to account for: • Scope creep — data and transaction volumes often become higher than expected. 2. Evaluate asset Ask what would be the harm if: • Determine how sensitive that data is and how important that application/ • Asset became widely public and widely distributed function/ process is to organization. Assess confidentiality, integrity, and • Asset were accessed by employee of Cloud provider availability; and how risk changes if all/ part of that asset is in the Cloud • Process/function were manipulated by outsider — similar to project outsourcing assessment, just with wider range of • Process/function failed to provide expected results deployment options. • Data were unexpectedly changed • Asset were unavailable for a period of time 3. Map asset to cloud deployment models Which model is acceptable for identified asset: • Determine if any risks implicit to different deployment models (private, • Public; Private, internal/ on premises public, community, hybrid) and hosting scenarios (internal, external, • Private, external — look at dedicated or shared infrastructure combined) are acceptable. • Community — look at hosting location, service provider, • At this point there should be a good idea of the comfort level for community members transitioning to the Cloud, and which deployment models and locations fit • Hybrid — look at least at rough architecture of where desired security and risk requirements. components, functions, and data will reside 4. Evaluate cloud service models and providers • Focus on degree of control organization will have at each SPI tier to implement any required risk management (risk mitigation). • For a specific offering, switch to a fuller risk assessment. Consider: • SaaS • PaaS • IaaS 5. Map out data flow Consider: • For specific provider offering, map out data flow between organization, • Private cloud service, any customers/ other nodes. Understand whether and how • Public data can move in and out of the Cloud. • Community • For any offering, sketch out rough data flow for any deployment option • Hybrid on your acceptable list, to help you identify risk exposure points when making final decisions. Consider: • Providers' offerings Consider: • Providers' offerings
    • 49. Multi-Tenancy Examples of Shared Resources by Service Model Service Model Shared Resources Shared By SaaS Same application or database Different consumers Paas Same operating system, and supporting data and networking services Different processes Iaas Same hardware via a hypervisor Different VMs General Methods for Achieving Multi-Tenancy Multi-Tenancy Via Database Description Cost Database and configuration, with isolation provided Least costly. at the application layer. Virtualization VM technology, providing hardware emulation layer over the real hardware. Multiple copies of server OSs are run within one physical machine, while sharing physical hardware (network cards and disk storage) between virtual OS instances. Might reduce services costs and expenses, but is more costly compared to multi-tenancy via databases. Physical separation Resources are provided to tenants individually — each tenant uses only dedicated hardware. Most costly.
    • 50. Security Risks • • PaaS builds upon IaaS, SaaS in turn builds upon PaaS  security issues and risks are inherited just as capabilities are. Lower down the stack, provider stops bearing responsibility, and consumer becomes responsible for more security capabilities and management. Service Model Security • Most integrated • Least functionality built consumer directly into the extensibility offering • Relatively high level of integrated security - provider responsible • Negotiated into contracts for service (service levels, privacy, compliance) • Customer ready futures SaaS Integrated Features Extensibility • More extensible than SaaS • Less complete built-in capabilities • Securing the platform -- provider responsible • More flexibility to layer on additional security • Applications developed on platform and developing them securely -- consumer responsibility • Few if any application-like futures • Enormous extensibility • Protecting underlying infrastructure and abstraction layers -- provider responsible • Less integrated security capabilities and functionality beyond that • Reminder of stack -- OSs, applications, content -managed/ secured by consumer PaaS IaaS
    • 51. Multi-Tenancy Risks (1) Deployment Model Multi-tenancy Risks and Mitigation Implications: Workloads of different consumers may reside: • Concurrently on same computer system and local network, • Separated only by access policies implemented by provider's software. Consumers security could be compromised by flaw in: General • Implementation or • Provider’s management and operational policies and procedures. Multi-tenancy risks: • Reliability – failure may occur • Security – attack may be perpetrated by consumer Implications: • General risks apply, as there could be authorized but malicious insiders • Different organizational functions (payroll, sensitive PII storage, IP generation) can become accessible to not authorized users and classes of data disclosed. On-site Risks mitigation: • Logical segregation techniques at network layer, such as VPN Routing and Forwarding (VRF) Private • Clients are restricted to organization members or authorized guests/ partners. Implications: • On-site private cloud risks apply. Risks mitigation: Outsourced • FISMA and OMB policy require external cloud providers to handle federal information or operating information systems on behalf of the federal government meet same security requirements as federal agencies.
    • 52. Multi-Tenancy Risks (2) Deployment Model Multi-tenancy Risks and Mitigation Implications: • On-site private cloud risks apply, but more organizations are encompassed. On-site Risks mitigation: • Restricted number of possible attackers, but more than with private onside cloud. Community Implications: • On-site community cloud risks apply. Outsourced Risks mitigation: • Restricted number of possible attackers, but more than with private cloud. Implications: • Workloads of any combination of consumers may be sharing a single machine • Workload may be co-resident with workloads of competitors or adversaries. Risks: Public • Large collection of potential attackers, as public clouds aim scaling in consumers and resources to achieve low costs and elasticity. Risks mitigation: • Limited kinds of data for computations in the cloud • Data encryption (but then data needs to be unencrypted to be processed) • Physical separation – rent entire computer systems rather than VMs (mono-tenancy), VPNs, segmented networks, or advanced access controls.
    • 53. Interoperability (1) Interoperability, Portability, and Cloud Service Models Service Model Interoperability and Portability IaaS • Interoperability and portability of customer workloads are more achievable in IaaS service • IaaS building blocks are relatively well-defined, e.g., network protocols, CPU instruction sets, and legacy device interfaces PaaS • Application written to use specific services from a vendor's PaaS will require changes to use similar services from another vendor's PaaS • Efforts on development of open and proprietary standard API's to enable cloud management, security, and interoperability: Open Cloud Computing Interface Working Group (OCCI), Amazon EC@API, ... • Common container formats: DMTF'S Open Virtualization Format (OVF). • Application written to those standards is far more likely to be interoperable and portable. SaaS • Portability of workloads requires a level of compatibility and interoperability between SaaS applications.
    • 54. Interoperability (2) Interoperability of Between Application Need of Application components deployed as: Dynamic discovery and composition: • SaaS • Discover instances of application components • Applications using PaaS • Combine them with others at run time. • Applications on platforms using Note: Application component may be a complete IaaS monolithic application or part of a distributed application. Platform Platform components deployed as: • PaaS • Platforms on IaaS Standard protocols for service discovery and information exchange — indirectly these enable interoperability of applications on these platforms. Management • Cloud services (SaaS, PaaS, Iaas) and programs for implementation of on-demand self-service. Standard interfaces for cloud services — to create generic system management products for both cloud services and in-house systems. Publication and Acquisition Portability of Data Application Platform • Platforms, cloud PaaS services and Standard interfaces to these stores — to lower cost of for marketplaces (including app stores). software provideers and users. Enables Re-Use of • Data components across different applications • Application components across cloud PaaS services and traditional computing platforms • Platform components across cloud IaaS services and non-cloud infrastructure (platform source portability) • Bundles containing applications and data with their supporting platforms (machine image portability)
    • 55. Upcoming Events Federal Mobile Computing Summit January 22, 2014, Washington, D.C. www.mobilefeds.com Federal Cloud Computing Summit June 2014, Washington, D.C. www.cloudfedsummit.com