Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cloud Computing - Challenges and Opportunities - Jens Nimis

My personal opionion on Trends of Cloud Computing for 2010

  • Be the first to comment

Cloud Computing - Challenges and Opportunities - Jens Nimis

  1. 1. Cloud Computing – Challenges and Opportunities Dr. Jens Nimis GI-Regionalgruppe Karlsruhe 20. Januar 2010
  2. 2. = Stefan Tai‘s Joint Research Groups at Karlsruhe 2 23.10.2009 Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB)
  3. 3. Research Focus Areas: Challenging Research Problems in the Field of Service Computing Situational Applications & Collaborative Services Cloud Service Value Computing Networks & & Cloud Service Service Engineering Communities Internet as a combined platform for social / organizational, economical and technical networks 3 23.10.2009 Institut für Angewandte Informatik und Formale Beschreibungsverfahren (AIFB)
  4. 4. Agenda • Part 1: What is Cloud Computing? • Definition(s) • A closer look on Cloud technology • Part 2: Challenges and opportunities for 2010 • Potential and status • Some trend indicators • My personal Cloud trends for 2010 • Part 3: Cloud research and activities at eOrganization 4
  5. 5. Some Remarks on Cloud Definitions • „Definitions“ sometimes influenced by business interests • „[…] unfortunately the marketing people got hold of the term before the technicians have knew what Cloud Computing is […]“ • A lot of semi-serious definitions: • Cloud = Grid made right Cloud = Grid made easy • Grid: from Science for Science Cloud: from Business for Business • Let‘s be serious… 5
  6. 6. Some Serious Definition Attempts • UCBerkeley RADLabs: “Cloud computing has the following characteristics: (1) The illusion of infinite computing resources… (2) The elimination of an up-front commitment by Cloud users… (3). The ability to pay for use…as needed…”  business perspective • Wikipedia: “.. a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet”  technical perspective • McKinsey: “Clouds are hardware-based services offering compute, network and storage capacity where: Hardware management is highly abstracted from the buyer, Buyers incur infrastructure costs as variable OPEX, and Infrastructure capacity is highly elastic”  only one kind of Cloud [JB] 6
  7. 7. Our Understanding and Definition “Building on compute and storage virtualization, cloud computing provides scalable, network-centric, abstracted IT infrastructure, platforms, and applications as on-demand services that are billed by consumption.” Common ground: How strict? • Virtualisation/abstraction • Clouds are fuzzy things… • Scalability • E.g.: • XaaS • What about monthly fees? • Web technologies • Pay per use 7
  8. 8. More Fundamental Views Exist: CC as a Disruptive Transformation in IT • Simon Wardley: „Cloud Computing- Why IT Matters“, OSCON 09 • Compares CC to the (undefineable) industrial revolution: Attitude Technology Concept Cloud Computing Suitability • His definition: Cloud Computing is a generic term used to describe the disruptive transfomation in IT towards a service based economy driven by a set of economic, cultural and technological conditions 8
  9. 9. Agenda • Part 1: What is Cloud Computing? • Definition(s) • A closer look on Cloud technology • Part 2: Challenges and opportunities for 2010 • Potential and status • Some trend indicators • My personal Cloud trends for 2010 • Part 3: Cloud research and activities at eOrganization 9
  10. 10. Technical Cloud Architecture: Cloud Computing Stack  Generic Approach  Layered architecture  Everything as a Service concept  Standard layers  Infrastructure as a Service  Platform as a Service  Software as a Service  Extra Layers  Human as a Service  Administration/Business Support „What's Inside the Cloud? An Architectural Map of the Cloud Landscape“, 10 A. Lenk, T. Sandholm, M. Klems, J. Nimis, S. Tai (ICSE Cloud 09 Workshop, 25.05.2009)
  11. 11. Agenda • Part 1: What is Cloud Computing? • Definition(s) • A closer look on Cloud technology • Part 2: Challenges and opportunities for 2010 • Potential and status • Some trend indicators • My personal Cloud trends for 2010 • Part 3: Cloud research and activities at eOrganization 11
  12. 12. Well-known Success Stories: NYT, animoto,… • New York Times: • Bulk PDF production of scanned articles • Animoto • does not own any IT-infrastructure • Scalability (elasticity) through Cloud services 12
  13. 13. Cloud Computing Opportunities Creation of new businesses • Faster time-to-market, and cost-effective innovation processes • Dynamic (trans-)formation of open service and business networks • Leveraging the participation Web and mass programming Internet-scale service computing • Provide and consume sophisticated infrastructure, platforms and business applications as modular (Web) services • Disrupt traditional industries and offer rich, highly dynamic experiences Classical enterprise-grade systems management • Under-utilized server resources waste computing power and energy • Over-utilized servers cause interruption or degradation of service levels 13
  14. 14. Cloud Architecture  Cloud Ecosystem High-value SPs Intermediaries Basic SPs Infrastructure SPs 14
  15. 15. Cloud Computing in the Technology Crystal Ball [Gartner, July 2009] 15 Cloud Computing is on the top of Gartner‘s “Peak of Inflated Expectations“.
  16. 16. Agenda • Part 1: What is Cloud Computing? • Definition(s) • A closer look on Cloud technology • Part 2: Challenges and opportunities for 2010 • Potential and status • Some trend indicators • My personal Cloud trends for 2010 • Part 3: Cloud research and activities at eOrganization 16
  17. 17. Berkeley‘s Top 10 Obstacles to Cloud Computing Above the Clouds: A Berkeley View of Cloud Computing. Armbrust M, Fox A, Griffith R, Joseph A, Katz R, Konwinski A, Lee G, Patterson D, Rabkin A, Stoica I und ZahariaM. Technical Report No. UCB/EECS-2009-28. Electrical Engineering and Computer Sciences. 17 University of California at Berkeley. USA. 2009
  18. 18. Obstacles Perceived by Potential Cloud Consumers 18
  19. 19. Research Agenda for the European Cloud Community • Main Recommendations: • R1: EC should stimulate research and technological development • R2: EC together with Member States should set up the right regulatory framework to facilitate the uptake of Cloud computing • Additional Recommendations: • AR1: The EU needs large scale research and experimentation test beds • AR2: The EC together with industrial and public stakeholders should develop joint programmes encourage expert collaboration groups • AR3: The EC should encourage the development and production of (a) CLOUD interoperation standards (b) an open source reference implementation • AR4: The EC should promote the European leadership position in software through commercially relevant open source approaches The Future of Cloud Computing – Opportunities for European Cloud Computing Beyond 2010. Schubert L, Jefferey K., Neidecker-Lutz B. EU Expert Group Report – Public Version 1.0. 2010 19 To be published completely on 26.01.2010 in Brussels
  20. 20. Agenda • Part 1: What is Cloud Computing? • Definition(s) • A closer look on Cloud technology • Part 2: Challenges and opportunities • Potential and status • Some trend indicators • My personal Cloud trends for 2010 • Part 3: Cloud research and activities at eOrganization 20
  21. 21. My Derived Personal Cloud Trends for 2010 • Security: Rationalization of security discussion • SLAs: Establishment of useful SLA models • Ecosystem: Big IT companies will get into focus • Desktop as a Service: Thin clients+appliances+OS support • Standardization: The battle goes into the final rounds • Other candidates: • Pricing: model evolution, e.g. spot markets • Federation of Cloud infrastructures: distributed VPDC • … 21
  22. 22. Trend 1: Security • There is a strong need to rationalize the Cloud Security discussion • What aspects of security are we talking about? • Confidentiality (Vertraulichkeit) • Integrity (Integrität) • Availability (Verfügbarkeit) • Authenticity (Authentizität) • Transparency (Zurechenbarkeit) • Privacy (Pseudonymität) • What are the real threats in the Cloud? • Data security • Location of the data • Data remanence or persistence • Data backup and recovery schemes for recovery and restoration • Data aggregation and inference • Commingling data with other cloud customers 22
  23. 23. Amazon AWS: Terms of Use wrt. Security • “YOU ARE SOLELY RESPONSIBLE FOR APPLYING APPROPRIATE SECURITY MEASURES TO YOUR DATA, INCLUDING ENCRYPTING SENSITIVE DATA.” • “You are personally responsible for all applications running on and traffic originating from the instances you initiate within Amazon EC2. As such, you should protect your authentication keys and security credentials. actions taken using your credentials shall be deemed to be actions taken by you.” [MK] 23
  24. 24. Cloud Security Architecture: Aligned Use of Classical Security Approaches • Identity, Authorization, Entitlements • Log, Audit, Compliance Application as a service • Intrusion Detection Application software licensed for use as a Cross-domain service provided to customers on demand SOA for security • Confidentiality Cloud Delivered • Data classification, data redaction, DLP • Enterprise Rights Management Services Platform as a service Optimized middleware – application servers, • Security can be provided into the cloud by database servers, portal servers cloud user, to integrate with enterprise IT, or provided via the cloud Infrastructure as a service • Requires meta-management of security Virtualized servers, storage, networking Multi-tenancy • Tenant isolation (processes and data) at all levels Business Support Services • Isolation of cloud / tenant security mgmt Cloud Platform Offering Mgmt, Customer Mgmt, Ordering Multi-tenant security • Control of privileged user access Mgmt, Billing infrastructure • Cloud & tenant-level IT operational risk mgmt • Cloud & tenant-level encryption & key mgmt Operational Support Services Image Security Infrastructure Provisioning • Isolation and location security policies Instance, Image, Resource / Asset Mgmt • Building and provisioning w/ security constraints • IT security compliance for images • Image provenance, confidentiality, integrity Virtualized Resources Virtual Network, Server, Storage Virtualization Security • Instance isolation System Resources • Instance integrity Network, Server, Storage Data Center Security • Security VMs and Resilience • Location awareness • Hardware root of trust Physical System and Environment Physical Data Center Security and Resilience 24 [IBM]
  25. 25. Trust: Do you know/care what Google knows about you? • Google knows… • Google gets new senses… • Google: …your searches • Latitude/nexus: …locator • Gmail: …your emails • Google voice: …ears • Toolbar / Browser: …your interests • Google goggles … eyes • Google Calendar: …your habits • Google Docs: … your work • Google goes into infrastructures… • Google Maps: …your house • Google App Engine …provides PaaS • Picasa: …your pictures • Google Public DNS …provides inet svcs … and your face • Google Energy …provides power • Youtube …your videos • Google News: …what happens • Google is in a conflict of interest… • Google Books: …our cultur • Adsense …still is cash cow • …must be political • US company …homeland sec. act OK, Google is not evil! But what if Google would be Microsoft? Would you trust it? 25
  26. 26. Trust: Privacy is also a Question of Culture 26
  27. 27. OK. But do we have the technical means to Help in Sight: enforce such regulations? Legal Regulations will be Reviewed Current regulations need updates to reflect the technical development: • Customer data must not leave the country ?! • Intellectual property and copyright has to be respected ?! • It must be made possible to delete data from the internet ?! • Illegal activities in the internet need to be controlled and prevented ?! • … 27
  28. 28. Trend 2: SLA Model Establishment • What happens if your Cloud services are not working satisfactory? • Amazon EC2: • “commercially reasonable efforts to make Amazon EC2 available with an Annual Uptime Percentage (defined below) of at least 99.95%”  more than 4 hours unavailability per year • “If [availability]drops below 99.95% for the Service Year, the customer is eligible to receive a Service Credit equal to 10% of their bill” • Customer to claim • 3Tera (VPDC-provider): • If, as a result of any Covered Event(s), a Covered VPDC is not Available at least 99.999% of the time in any full calendar month, 3Tera will issue a credit to your account. • If the affected VPDC was Available at least 99.9% of that month, the credit will be 10% of the Service Fee for that VPDC for that month; otherwise it will be 25% of that fee. • This is done proactively by 3Tera 28
  29. 29. Trend 2: SLA Model Establishment (2) • High pressure from big customers • Lot of ongoing research in the area of horizontal and vertical SLAs, e.g. SLA@SOI, ValueGrid • Tool support for monitoring is an established basis • Blogosphere discusses reputation systems and certification 29
  30. 30. Trend 3: Cloud Ecosystem Maturing and Completion of Cloud Offerings • Especially the big shots will dominate public attention • Presentation of complete Cloud suites • Support of Intra, Public and Hybrid Cloud – and the migration • Caveat: simplicity is one of the Cloud‘s secret of success • It will become harder for start-ups to find their niche • SME offerings need innovation and specialization 30
  31. 31. Big Shot Domination: Microsoft‘s Coherent Cloud Portfolio 31
  32. 32. Big Shot Domination: IBM‘s Cloud Offerings will Attract Large Customers Products and additional services: • Development and test • IBM Smart Business Development and Test on the IBM Cloud • IBM Smart Business Test Cloud • Information Solutions • IBM Smart Analytics Cloud • IBM Smart Business Storage Cloud • IBM Information Archive • Collaboration • IBM LotusLive™ • IBM LotusLive iNotes™ And: • IBM partners with Amazon (think about connotation twice!) 32
  33. 33. Trend 4: Desktop as a Service • Drivers: • Resources in the Internet • Thin clients/Netbooks as endpoint  Desktop as a Service • Benefits: • Easy roll-out of applications via appliances • Highly controlable environments • Context-dependend delivery of applications • Duplication of tested installations and combinations 33
  34. 34. Trend 4: Desktop as a Service (2) • Base technologies are available and mature, e.g. • Google Chromium OS: the browser is the OS • GWT/FLEX/AJAX: powerful frameworks for ligthweight client applications • … 34
  35. 35. Trend 5: Standardization The race has begun – but on different tracks: • VMAN Initiative ( • DMTF Standards for Virtualization Management • Supported by: AMD, Cisco, HP, Hitachi, IBM, Intel, Microsoft, Sun, VMware,… • Specified functionality: OVF images, monitor installations • OGF Open Cloud Interface Working Group ( • OCCI Open Cloud Computing Interface • High level functionality required for the life-cycle management of VMs • Supported by: SAP, RightScale, CloudCentral, GoGrid, Flexiscale, Joyent, Eucalyptus,… • Specified functionality: management API • Open Cloud Consortium WG ( • Standards for interoperating large data clouds • Supported by: Aerospace, Yahoo, MIT Lincoln Labs, Northwestern University,… • Specified functionality: storage, performance measurement and rating, sharing 35
  36. 36. Agenda • Part 1: What is Cloud Computing? • Definition(s) • A closer look on Cloud technology • Part 2: Challenges and opportunities for 2010 • Potential and status • Some trend indicators • My personal Cloud trends for 2010 • Part 3: Cloud research and activities at eOrganization 36
  37. 37. CC @ Some select activities • Business Cases and Cloud TCO Business Cases • E.g. CC business cases for T-Com (T-Labs) & Perspectives • Cloud Computing Adoption • CC maturity model incl. online tool (IBM D,…) • Cloud Value Creation Cloud • Cloud offering value creation for intermediairies (EU) Ecosystem • Architecture of „the Cloud“ • Cloud Engineering „The Cloud“ • Dev. support for Cloud-patterns (T-Labs) • Business continuity services (IBM Watson) Cloud • Cloud Application Development Engineering • „Cloudification“ of existing apps (OpenCirrus/HP) • Cloud Platforms and Testbeds for Service Networks • EU projects (T-Systems, SAP, IBM,…) Cloud Management • SAP Landscape Provisioning and Demos & Provisioning • Mgmt and Reliability of VPDC (fluidOps, Zimory) 37 • SLA mgmt for complex systems (SAP Research)
  38. 38. More information: See also 38
  39. 39. Questions? Some might be answered here ;-) Christian Baun, Marcel Kunze, Jens Nimis, Stefan Tai: Cloud Computing: Web-basierte dynamische IT-Services (Reihe: Informatik Im Fokus) 39
  40. 40. Again: Questions? Thank you! • Acknowledgement: • [JB] Dr. James Broberg, U. Melbourne, CC-Tutorial at CCGrid 2009 • [MM] Michael Maximilien, IBM • [MK] Dr. Marcel Kunze, KIT SCC • Stefan Tai, Alex Lenk, Markus Klems, Sebastian Schmidt ,… • Contact: 40