Cloud Computing and the DoD CIO Storefront
Dan Risacher
Enterprise Services & Integration
Office of the DoD CIO
2009-09-21
What is Cloud Computing?
Headline: “The Internet Industry Is on a Cloud –
Whatever That May Mean”
- Wall Street Journal, A1, March 26, 2009
Headline: “Federal CIO Scrutinizes Spending And
Eyes Cloud Computing”
- Information Week, March 14, 2009
“I had a customer tell me there’s a rainstorm coming, that there will
be all these clouds and none are going to talk to each other.”
- Susan Adams, Chief Technology Officer,
Microsoft Federal Civilian Practice
Hype Or Fact? Yes
What is Cloud Computing?
Cloud Computing –
the 2:10 technology……
Two Years of Hyper-Buzz
Ten Years of Adoption
- Rob Carter, CIO FedEx, DISA Customer Partnership Conference
We're still in the first year of Hyper-Buzz…. Watching CC mature…
What is Cloud Computing?
IBM: “A cloud is an IT service delivered to users that has:
A user interface that makes the infrastructure underlying the
service transparent to the user
Reduced incremental management costs when additional IT
resources are added
Services oriented management architecture
Massive Scalability”
Forrester: “An abstracted, fabric-based infrastructure that
enables dynamic movement, growth, and protection of
services that is billed like a utility. … cloud computing is
looking like a classic disruptive technology”
Lots of different Cloud Computing definitions….
What is Cloud Computing?
Gartner: “Cloud computing is a style of computing
where massively scalable IT-related capabilities are
provided 'as a service' across the Internet to multiple
external customers”
The 451 Group: “The cloud is IT, presented as a
service to the user, delivered by virtualized resources
that are independent of location.”
National Institute of Standards and Technology (NIST):
“Cloud computing is still an evolving paradigm. Its
definitions, use cases, underlying technologies,
issues, risks, and benefits will be refined in a spirited
debate by the public and private sectors. These
definitions, attributes, and characteristics will evolve
and change over time.”
What is Cloud Computing?
Draft NIST Working Definition of Cloud Computing v15:
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc
Under the direction of the Federal Cloud Computing WG
(Chaired by Ms. Casey Coleman (GSA CIO), directed by Mr.
Vivek Kundra (Federal CIO)).
What we can agree on is that Clouds (Cloud
Computing) bring the promise of
Enterprise Power to Users as Services
The Service-Oriented Architecture / Enterprise is a key enabler
to achieving a Stateless Cloud Computing environment.
Cloud Services and Related IT Capabilities
[Diagram of cloud services and related IT capabilities. Labels: Dimensional Indexing; Parallel Programming; Data.Gov; Distributed Computing; Distributed File Systems; Client Device Virtualization; Process Orchestration; Data-as-a-Service; Software Appliances; Messaging Services; Software-as-a-Service; Rich Internet Application Interfaces; SOA; Infrastructure-as-a-Service; Simple Messaging Service; Data Center Consolidation; ITIL-based Technologies; Commodity Processing; Grid Computing; Infrastructure Virtualization; Utility Computing]
Leveraging Flexibility and Demand-Focused IT Capabilities
Clouds - What's the Business Case?
[Chart: Relative Per Problem Cost (1X, 10X, 100X) plotted against Problem Agility (Seconds, Minutes, Hours, Days)]
Chart labels: Provisioning and Placement; Software Configuration; Dedicated Mission Capabilities; Data Collection and Startup; Redundant Facilities and Capacity; Redundant Licensing and Operations; Data Search and Fusion; Extended Capacity Utilization; Core Mission Execution Time
Cloud types shown:
Infrastructure-as-a-Service (IaaS) Cloud(s) (e.g., Amazon WS, RACE)
Software-as-a-Service (SaaS) Cloud(s) (e.g., Salesforce.com, DKO, Intelink, A-Space)
Data-as-a-Service (DaaS) Cloud(s) (e.g., Google Analytics, DNI)
Cost-Effective Agile Response to Uncertainty
Amazon Web Services (AWS)
(Five Years of Planning)
Establishing an On-demand Web Scale IT Service is tightly
coupled to extended bandwidth services
Amazon Web Services (AWS)
http://animoto.com/
Realizing On-demand IT on a Web Scale
Cloud Computing Realities
It is a Disruptive Technology – we need to treat it as such…
A new technology, that radically transforms markets, creates wholly
new markets or destroys existing markets for other technologies.
Not mature – needs 2+ years – This is the time to plan
DoD Acquisition “as a process” could be a significant barrier
(CC is not a weapon system).
Requires planning, pilots, and lessons learned to build a new
(fundamental) understanding of how DoD will migrate legacy
applications and associated data to “Services” hosted in the
Cloud.
Requires adoption of a DoD Platform (as a Service) that delivers
Brutal Standardization in the form of standards, processes,
toolkits, Core Enterprise Services (e.g., Single Sign On, Search,
Publish, Collaboration, etc), and Desktop Virtualization.
Cloud Computing Realities
Stateless Cloud Computing Technology?
DoD CIO views that as collapsing the desktop (which stores /
manages desktop state resulting from data, applications,
network profile, etc) into the Cloud.
Moving the desktop into the Cloud will pay
HUGE returns – cost savings, agility,
performance, etc, etc…
Offers the potential of saving billions in “provisioning costs” per
year
Cloud Opportunities
Infrastructure as a Service
Public Clouds: Fed CIO / GSA
Private Clouds: DISA
Deployable Clouds: Navy (CANES), Army (GNEC)
Other
Cross-cloud solutions: ?
Platform as a Service: ?
Software as a Service
Productivity apps: DoD CIO, Army
Desktop Virtualization: DARPA? DIA?
Web app framework: DoD CIO Storefront
DOD CIO Storefront Vision
Create single NIPRNET access point for DOD CIO to share its
information and knowledge with authorized consumers in the
DOD Enterprise
– Net-centric implementation guidance and tools
– Host/employ emerging Web 2.0 tools
– Create a DoD CIO widget development kit, followed by prototyping and C&A
process (with Forge.Mil) supporting a DoD CIO “Apps Store” (similar to iTunes)
– (n.) widget: modular, loosely-coupled web application designed to run on customizable
net-centric framework, conforming to established guidelines for configuration and
enterprise security
– similar to Google Gadget
Become the DOD Enterprise Innovator and Exemplar
Goals
1. “The coolest .mil website ever”
Communications channel so compelling
users will keep coming back
As easy as iGoogle; as intuitive as Facebook
2. The DoD Net-Centric platform (Widget Framework & “Apps Store”)
Certified and accredited framework for future web-applications
Enabling creativity and empowering developers
3. Real-world pathfinder for future enterprise applications
Provide “hands on” experience for providing net-centric solutions
4. Influence policy through real-world experience with Net-Centric
capabilities
5. Computing environment intended for multiple security domains
Initial efforts on NIPRnet
The Storefront Essentials
Identity management / Single sign-on
The web framework
And developer guidance
First round of widgets
The marketplace
Guiding Principles
Cloud Computing Environment
Utilize Open Source/GOTS software
Leverage Partners:
DISA
RACE-in-production to provide a robust, elastic, scalable environment
forge.mil to provide a common repository to support DOD development
ICES –
Intelink Publish & Search to provide means for making information available
and discoverable
Stand up an Apps Store
Galvanize third-party developers across the DoD Enterprise
DOD CIO Storefront POA&M
Spiral 0: 30 days
– Develop storefront system requirements, generate use cases, investigate
technology options
– Identify potential “integration” partners/components
– Identify Cloud source
– Prioritize efforts for Spiral 1
Spiral 1: 90 days
– Stand up initial Storefront prototype in a private cloud computing environment
– Generate net-centric implementation content, begin to organize content within
Storefront
– Develop initial core portlets (i.e., SSO) and services
– Prioritize efforts for Spiral 2
Spiral 2+: 90 days
– TBD
Proposed IdM/SSO Framework Architecture
[Architecture diagram, components listed by column]
Users: DoD CAC Users; DoD Non-CAC Affiliates; Federal PKI (e.g., IC, DHS); Other Mission Partners
Authentication: PKI (with CRL/OCSP); User ID/Password; Other Auth.
Storefront IdM/SSO Framework (OpenSSO):
- Session Management
- Sponsored Account Administration
- Coarse-Grained ABAC
Protocols: SAML; OpenID/OAuth; Liberty Alliance; Other
Relying parties: Storefront Services and Widgets; External Service/Widget Providers; Other External Fed. IdM/SSO Frameworks
Storefront Identity Management Attribute Retrieval Process: Automated retrieval of identity attributes from authoritative Identity Management sources
Identity Management Sources: DMDC (DoD/CAC Users); Others
Storefront Partnerships
[Diagram of partnership areas, organizations and points of contact]
Areas: Knowledge Management; Storefront Widget; Storefront Framework; Content Management System; Training; Social Networking; Customized Service Widgets; Identity Management/Single Sign-On; UCore; Cloud Computing; Storefront Services
Organizations: ES&I; ICAM (DoD CIO); ESSF/AANAC; DISA RACE; DISA PEO-GES; ICES (Publish and Search); Other
Points of contact: Fannie Callands; Clay Robinson; Dan Green (SPAWAR); Marty Costellic; Paul Grant; Alfred Rivera; Mike Todd; Becky Harris