Posts Tagged ‘Cloud’
Data Loss or Leakage
There are many ways to compromise data. Deletion or alteration of records without a backup of the original content is an obvious example. Unlinking a record from a larger context may render it unrecoverable, as can storage on unreliable media. Loss of an encoding key may result in effective destruction. Finally, unauthorized parties must be prevented from gaining access to sensitive data.
The threat of data compromise increases in the cloud because of the number of risks and challenges, and the interactions between them, that are either unique to the cloud or more dangerous because of the architectural or operational characteristics of the cloud environment.
Impact
Data loss or leakage can have a devastating impact on a business. Beyond the damage to one’s brand and reputation, a loss could significantly impact employee, partner, and customer morale and trust. Loss of core intellectual property could have competitive and financial implications. Worse still, depending upon the data that is lost or leaked, there might be compliance violations and legal ramifications.
Examples
Insufficient authentication, authorization, and audit (AAA) controls; inconsistent use of encryption and software keys; operational failures; persistence and remanence challenges: disposal challenges; risk of association; jurisdiction and political issues; data center reliability; and disaster recovery.
Remediation
- Implement strong API access control.
- Encrypt and protect integrity of data in transit.
- Analyze data protection at both design and run time.
- Implement strong key generation, storage and management, and destruction practices.
- Contractually demand providers wipe persistent media before it is released into the pool.
- Contractually specify provider backup and retention strategies.
Secular Cloud Challenges
Server spending is the most negatively affected by the move to the cloud: In our survey, 54% of our respondents cited server hardware as a top-three area of cost savings from the move to cloud computing. The average 8.6% expected reduction in server spending over the next three years due to the move to the cloud dwarfs the 1.0% and 0.4% expected savings for storage and networking, respectively.
On-premise server growth goes negative: A shift of workloads to more-efficient cloud environments and increased utilization of current server resources in private cloud environments push on-premise new server shipments to a -1% CAGR over the next three years in our model.
Challenges for vendors tied to the growth of on-premise data centers: Growth drivers are shifting as vendors try to incorporate public cloud strategies; those slow to move will see significant headwinds to growth.
Models in Flux
1. Brocade: Brocade offers a competitive fabric-based strategy, but its ability to execute and penetrate large accounts remains a concern.
2. Cisco: Lacking a flat architecture for large-scale cloud deployments in its portfolio, we believe Cisco remains in a defensive position.
3. Hewlett-Packard: Hewlett-Packard lacks a clear strategy to attack cloud data centers with traditional server and networking products. However, its converged portfolio is taking share in on-premise data centers.
4. Microsoft: Microsoft’s dominant share in server operating systems is almost solely in on-premise environments. However, its public cloud offerings polled the strongest of any vendor in our survey.
5. Red Hat: While well positioned for the cloud build out, Red Hat’s current subscription base is largely tied to on-premise deployments, and its virtualization, PaaS, and IaaS offerings are nascent.
6. SAP AG: A ramp in the BBD reseller network is likely to drive higher top-line growth and meaningful revenue contribution for the group. We estimate business-by-design (BBD) revenues at €83 million in 2012e (less than 1% of group SQL server reporting services), reaching about €900 million in 2015e, about 10% of group SSRS.
Potentially Secularly Challenged
- Atos Origin: With about 40% of its sales derived from ITO, we see the company facing material booking/revenue headwinds in the near term.
- Dell and QLogic: The demand shift to cloud service providers purchasing from Asian ODMs puts server growth at risk.
- Symantec: About 50% of company revenues are tied to on-premise servers and storage, and SaaS-based businesses represent just 11% of revenues.
Market Oriented Cloud Architecture
As consumers rely on Cloud providers to supply all their computing needs, they will require specific QoS to be maintained by their providers in order to meet their objectives and sustain their operations. Cloud providers will need to consider and meet the different QoS parameters of each individual consumer as negotiated in specific SLAs. To achieve this, Cloud providers can no longer continue to deploy traditional system-centric resource management architectures that do not provide incentives for them to share their resources and still regard all service requests to be of equal importance. Instead, market-oriented resource management is necessary to regulate the supply and demand of Cloud resources at market equilibrium, provide feedback in terms of economic incentives for both Cloud consumers and providers, and promote QoS-based resource allocation mechanisms that differentiate service requests based on their utility.
Figure 1 shows the high-level architecture for supporting market-oriented resource allocation in Data Centers and Clouds. There are basically four main entities involved:
Figure 1: High-level market-oriented cloud architecture.
- Users/Brokers: Users or brokers acting on their behalf submit service requests from anywhere in the world to the Data Center and Cloud to be processed.
- SLA Resource Allocator: The SLA Resource Allocator acts as the interface between the Data Center/Cloud service provider and external users/brokers. It requires the interaction of the following mechanisms to support SLA-oriented resource management:
  - Service Request Examiner and Admission Control: When a service request is first submitted, the Service Request Examiner and Admission Control mechanism interprets the submitted request for QoS requirements before determining whether to accept or reject the request. Thus, it ensures that there is no overloading of resources whereby many service requests cannot be fulfilled successfully due to limited resources available. It also needs the latest status information regarding resource availability (from the VM Monitor mechanism) and workload processing (from the Service Request Monitor mechanism) in order to make resource allocation decisions effectively. Then, it assigns requests to VMs and determines resource entitlements for allocated VMs.
  - Pricing: The Pricing mechanism decides how service requests are charged. For instance, requests can be charged based on submission time (peak/off-peak), pricing rates (fixed/changing) or availability of resources (supply/demand). Pricing serves as a basis for managing the supply and demand of computing resources within the Data Center and helps prioritize resource allocations effectively.
  - Accounting: The Accounting mechanism maintains the actual usage of resources by requests so that the final cost can be computed and charged to the users. In addition, the maintained historical usage information can be utilized by the Service Request Examiner and Admission Control mechanism to improve resource allocation decisions.
  - VM Monitor: The VM Monitor mechanism keeps track of the availability of VMs and their resource entitlements.
  - Dispatcher: The Dispatcher mechanism starts the execution of accepted service requests on allocated VMs.
  - Service Request Monitor: The Service Request Monitor mechanism keeps track of the execution progress of service requests.
- VMs: Multiple VMs can be started and stopped dynamically on a single physical machine to meet accepted service requests, hence providing maximum flexibility to configure various partitions of resources on the same physical machine to different specific requirements of service requests. In addition, multiple VMs can concurrently run applications based on different operating system environments on a single physical machine since every VM is completely isolated from one another on the same physical machine.
- Physical Machines: The Data Center comprises multiple computing servers that provide resources to meet service demands.
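The flow through the SLA Resource Allocator described above, as an added Python example that is not code from the original post or the architecture's authors. The rates, the peak window, the deadline and budget fields, and all class and function names are assumptions chosen for illustration; time is measured in hours from now.

```python
from dataclasses import dataclass, field

PEAK_HOURS = range(9, 18)                  # assumed peak window (hour of day)
RATE = {"peak": 0.12, "off_peak": 0.05}    # assumed price per CPU-hour

@dataclass
class Request:
    user: str
    cpu_hours: float     # amount of work requested
    deadline_h: float    # QoS: must finish within this many hours
    budget: float        # QoS: most the user will pay
    submit_hour: int     # hour of day, 0-23

@dataclass
class VM:
    name: str
    cpus: int
    busy_until_h: float = 0.0   # state the VM Monitor would report

def price(req):
    """Pricing: charge by submission time (peak/off-peak)."""
    band = "peak" if req.submit_hour in PEAK_HOURS else "off_peak"
    return round(req.cpu_hours * RATE[band], 2)

@dataclass
class SLAResourceAllocator:
    vms: list
    ledger: dict = field(default_factory=dict)   # Accounting

    def submit(self, req):
        """Service Request Examiner and Admission Control."""
        cost = price(req)
        if cost > req.budget:
            return ("rejected", "over budget")

        def finish(vm):
            # Completion time if this VM runs the request after its queue.
            return vm.busy_until_h + req.cpu_hours / vm.cpus

        vm = min(self.vms, key=finish)
        if finish(vm) > req.deadline_h:
            # Refuse rather than overload: the SLA could not be honoured.
            return ("rejected", "deadline cannot be met")
        vm.busy_until_h = finish(vm)             # Dispatcher: reserve the VM
        self.ledger[req.user] = round(self.ledger.get(req.user, 0) + cost, 2)
        return ("accepted", vm.name)
```

Rejecting at admission time is what keeps one tenant's burst from degrading the service other tenants have already been promised.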
In the case of a Cloud as a commercial offering to enable crucial business operations of companies, there are critical QoS parameters to consider in a service request, such as time, cost, reliability and trust/security. In particular, QoS requirements cannot be static and need to be dynamically updated over time due to continuing changes in business operations and operating environments. In short, there should be greater importance on customers since they pay for accessing services in Clouds. In addition, the state of the art in Cloud computing has no or limited support for dynamic negotiation of SLAs between participants and mechanisms for automatic allocation of resources to multiple competing requests. Recently, we have developed negotiation mechanisms based on the alternate offers protocol for establishing SLAs. These have high potential for adoption in Cloud computing systems built using VMs.
Commercial offerings of market-oriented Clouds must be able to:
- support customer-driven service management based on customer profiles and requested service requirements,
- define computational risk management tactics to identify, assess, and manage risks involved in the execution of applications with regards to service requirements and customer needs,
- derive appropriate market-based resource management strategies that encompass both customer-driven service management and computational risk management to sustain SLA-oriented resource allocation,
- incorporate autonomic resource management models that effectively self-manage changes in service requirements to satisfy both new service demands and existing service obligations, and
- leverage VM technology to dynamically assign resource shares according to service requirements.


