Monday, June 08, 2009

Windows Azure and Cloud Computing Posts for 6/1/2009+

Windows Azure, Azure Data Services, SQL Data Services and related cloud computing topics now appear in this weekly series.

Updated 6/5 to 6/7/2009: Business Week Special Report, Additions
Updated 6/4/2009: NIST Federal Security Draft, Additions
• Updated 6/3/2009: Additions

Note: This post is updated daily or more frequently, depending on the availability of new articles in the following sections:

To use these links, click the post title to display the single article you want to navigate.

Azure Blob, Table and Queue Services

<Return to section navigation list> 

••• Steve Marx’s Sample Code for Batch Transactions in Windows Azure Tables post of 6/5/2009 begins with the following caveat:

As a follow-up to my earlier post about the new blob storage features, in this post, I’ll show you how to take advantage of the entity group transactions functionality that was recently rolled out to Windows Azure tables.

I’ve updated the project (modified storage client library and test program) I announced in the last post, so go ahead and download the code again.  To use the new features, you’ll need this code or your own code like it, because the SDK sample hasn’t yet been updated to include the new functionality.  You’ll also need to run against a storage account in the cloud, because the development storage in the SDK has also not yet been updated to match the latest bits in the cloud. [Emphasis added.]

••• Josef Finsel (a.k.a. CarpDeus) continues his REST-ful Look at Azure series with A REST-ful Look at Azure (Part 5) Queue Storage of 6/3/2009. Earlier posts are:

(Found in an #Azure Tweet.)

SQL Data Services (SDS)

<Return to section navigation list> 

••• My 17 Slides from Tech*Ed 2009’s “Building Applications with Microsoft SQL Data Services and Windows Azure” Session (DAT316) post of 6/6/2009 lets folks who weren’t registered for Tech*Ed 2009 view the most significant slides from David Robinson’s and Liam Cavanagh’s session at Tech*Ed 2009. The slides also cover the current status of the Data Hub (a.k.a. Project Huron) and synchronization between SDS and on-premises SQL Server databases, as well as SQL Server Compact on devices.

Michael Crandell seconds the Azure team’s decision to move from EAV SSDS to relational SDS in his You Say You Want a Cloud Revolution post to GigaOM of 6/6/2009. Michael writes:

Contrast that with another Amazon cloud service that’s more revolutionary in nature. It’s called SimpleDB, and it provides an expandable, fast data store that addresses the problem of scalability common to relational databases. The catch is that it does so at the cost of incompatibility with some common relational database functions, while adding traits that represent a big enough departure in design to limit the service’s appeal. In other words, it’s too revolutionary. From my observations, use of traditional relational databases in the cloud completely trumps usage of simple data stores.

Michael is CEO and Founder of RightScale and will speak at GigaOM Network’s Structure conference on 6/25/2009 in San Francisco.

••• Liam Cavanaugh’s Announcing Sync Framework 2.0 CTP2 post of 6/4/2008 provides additional technical details on the new CTP.

•• The Microsoft Sync Services Team announces the availability for download of Microsoft Sync Framework 2.0 CTP2 on 6/4/2009.

Microsoft Sync Framework is a comprehensive synchronization platform that enables collaboration and offline scenarios for applications, services, and devices. Using Microsoft Sync Framework, developers can build applications that synchronize data from any source using any protocol over any network.

The download MSI file contains the following components:

  • Synchronization runtime, core components, Web synchronization components, metadata storage services, simple custom providers, database synchronization providers and file synchronization provider.
  • Headers, libraries, symbols, and samples.
  • Sync Framework 2.0 Documentation

You can’t upgrade from CTP1 to CTP2; you must uninstall CTP1 before installing CTP2.

Alin Irimie’s Cloud Data Hub. Synchronize Your Data in the Cloud post of 6/3/2009 starts:

In the previous article about SQL Data Services (SDS) I mentioned one of the most exciting technologies coming out from Microsoft this year: Data Hub, “an aggregation of enterprise, partner, desktop and device data within SQL Data Services”. It is a service, hosted in the Azure data centers along with SQL Data Services you can use to synchronize your on-premises database with the database in the cloud. This service is completely based on the Microsoft Sync Framework technology.

What you can do with it, is you can take an existing database on your premises, and sync-enable it, mainly you can specify tables, rows, which should be published to the cloud. What the sync service will do, will take the schema from your database and will create an identical schema in the cloud database, then the data you want to be synchronized will be uploaded as well. Because is a true synchronization service, any changes on any side (on premises or cloud) will be synchronized on the other side

.NET Services: Access Control, Service Bus and Workflow

 <Return to section navigation list>

Nandita announces MSDN Webcast: Building Applications Using the .NET Service Bus (Level 200):

In this webcast, we provide an overview of the Microsoft .NET Services Service Bus. We cover what a Service Bus is and why it is necessary, and we step through the features of the Service Bus: the naming system, the service registry, the messaging fabric, and the programming model, including all the most useful bindings. We also demonstrate NetOnewayRelayBinding, NetEventRelayBinding, NetTcpRelayBinding, and WebHttpRelayBinding.

When: 6/24/2009 11:00 – 12:00 AM PDT
Where: Internet; registration required.

Live Windows Azure Apps, Tools and Test Harnesses

<Return to section navigation list> 

Simon Davies offers links to Bing maps applications in his Bing Maps updates on Windows Azure post of 6/5/2009:

    • You can take a tour of the new hotspots or explore for yourself here. There’s also a short video intro to it here and more info on Chris Pendleton’s blog.
    • If you want to see another interesting Bing maps application on Windows Azure take a look at Earthware’s twitter mash up.

• Rob Gillen’s Asian Options Test Bed post of 6/3/2009 describes using “the Asian Options Pricing WCF sample provided by Microsoft on the HPC resource kit site (” for performance-testing Azure’s computing features.

His Test Run #1 post offers a graph that compares the execution time for the sample on a two-node high-performance computing (HPC) cluster, local sequential processing, and multiple instances in the Azure cloud.  Test Run #2 increased the number of computations per run by a factor of 10.

The local two-node HPC cluster offered the best overall performance. Azure came in last in TestRun #1 and in second place in TestRun #2 where the computation to communication time ratio increased.

• The Azure Team reports that the new CloudApp() developer challenge is now open to international entrants on its new CloudApp() - The Azure™ Services Platform Developer Challenge landing page. Steve Martin has more details in his Azure Dev Challenge Questions Tackled post of 6/2/2009.

Ryan Dunn offers a Windows Azure June Round-up of new Azure features in this 6/1/2009 overview. Topics include:

  • New Feature: Geo-Location support
  • New Feature: Storage API updates
  • Windows Azure SDK Update
  • New Windows Azure Applications and Demos
  • Relevant Blog Postings

Azure Infrastructure

<Return to section navigation list> 

••• Andrea DiMaio’s Private Cloud for Government Does Not Mean Private Sector of 6/7/2009 takes issue with "some very different connotations of the term ‘private’” in the context of government clouds. Andrea concludes:

We [at Gartner] are currently working on a piece of research that aims at helping our government clients navigate the complexity of access, ownership and control options (which constitute a continuum from fully private and fully public cloud services), identifying different models across that continuum. What we have found out is that using the term “private” rapidly becomes a hindrance, as it leads to trying to define artificial boundaries between models.

••• Dan Chenok issues a Call for Privacy Act to Catch Up with IT in this 6/5/2009 podcast of an interview by Eric Chabrow with Dan Chenok:

The law rarely keeps pace with advancements in information technology, and the 35-year-old federal Privacy Act has failed to provide the proper framework needed to protect the privacy of citizens.

Dan Chenok chaired the federal Information Security and Privacy Advisory Board that issued a report entitled Toward a 21st Century Framework for Federal Government Privacy Policy that calls for the creation of a federal chief privacy officer as well as chief privacy officers in major federal agencies and a federal Chief Privacy Officers' Council. The panel also recommended steps Congress and the Obama administration should take to change federal laws and regulations to allow the government to more efficiently use specific technologies, such as cookies, while maintaining citizens' privacy.

Chenok, the one-time highest ranking non-political IT official in the Office of Management and Budget and now a senior vice president at IT services provider Pragmatics, spoke with Information Security Media Group's Eric Chabrow and explains how changing the way privacy is governed will enhance protection for American citizens.

••• Bill Stempf’s Economics of Cloud computing presentation for the ACM post of 6/5/2009 describes his presentation:

I presented a paper last month for the ACM and IEEE that will be published in the Cloud Computing Journal next month.  Thought I would post a few links here for those who are interested in cloud - I did cover Azure.  I'll do a blog post for Azure and VB when I manage to upload SHARP to the cloud, like I plan to. [Emphasis added.]

The post contains links to the slides, presentation video, and post on

••• John Treadway takes Steve Hamm to task for “misleading or missing key context” in this BusinessWeek Piece on Cloud Computing Misses The Point post of 6/7/2009. John writes, inter alia:

Steve Hamm (@stevehamm31) of BusinessWeek got a big article on #cloudcomputing into last week’s issue.  It rightly points out that cloud computing is the big thing and will keep us busy for the next 10 years.  Unfortunately, a lot of the article is misleading or missing key context.

His first example cited is Avon’s use of a smartphone- and PC-accessible system for connecting Avon’s 150,000 “sales leaders” with their reps (sales leaders are the consultants who recruit and run other consultants/reps and get a cut of the “upline” commission).  Nothing in the article explains how this is a “cloud computing” solution.  Remote/mobile accessible applications have been around almost as long as the Internet.  The article doesn’t say, but I suspect that the system serving up all this info is a traditionally developed and deployed one sitting inside the Avon firewall - making it a NOT CLOUD application.  But I don’t know for sure because the article doesn’t say.

Hamm then goes on to parrot the ridiculous Gartner numbers I’ve discussed previously. …

••• Chris Hoff posits Most CIO’s Not Sold On Cloud? Good, They Shouldn’t Be… in this 6/7/2009 post:

I find it amusing that there is so much drama surrounding the notion of Cloud adoption.

There are those who paint Cloud as the savior of today’s IT great unwashed and others who claim it’s simply hype and not ready for prime time.

They’re both right and Cloud adoption is exactly where it should be today.

••• Greg Ness’ Reality Checks for the Billowing Cloud Computing Fantasy Seeking Alpha post of 6/7/2009 points out, based on his participation in a recent Infrastructure 2.0 panel:

Cloud computing has become the hottest, fluffiest and highest profile meme since the dotcom era. The most successful cloud players include in their ranks a bookseller and an advertising/search behemoth. Software companies are making cloud announcements of all kinds.

We owe most of this repositioning to none other than author Nicholas Carr, who has managed to craft a collection of services, technologies and ideas into the Next Big Thing. Yet between the grand vision and a growing collection of visionaries there are plenty of gaps and confusion.

Those gaps can create opportunities and risks for investors.

However, Ness is off-base with this observation:

Check out Hoff’s blog on Microsoft’s (MSFT) 291 security controls in its cloud architecture; recent Microsoft cloud security claims come across like just another dumb down checklist game.

Being what I believe to be the first PaaS cloud vendor to obtain SAS 70 attestations and ISO/IEC 27001:2005 certifications for its data centers is a major step forward, not a “checklist game.”

••• Jian Zhen claims “You can outsource responsibility, but you can’t outsource accountability” in his Security and Compliance in the Age of Clouds post of 6/7/2009. Jian writes:

If you look across all of the regulations and mandates out there, like SOX, PCI, HIPAA, COBIT, ISO, etc etc, they all require essentially two things: transparency and control. Transparency is an absolute must. You need to know who’s accessed what data, when and where, and maybe why based on some documented evidence. That’s why you see big sections in these regulations/mandates requiring audit reports.

That’s why I consider SAS 70 attestations and ISO/IEC 27001:2005 certifications so important.

••• Chris Hoff (a.k.a. @Beaker)’s The Six Worst Cloud Security Mistakes? I Can Do You One Better… post of 6/6/2009 analyzes what Kelly Jackson Higgins describes as the “Six Worst Cloud Security Mistakes:

    1. Assuming the cloud is less secure than your data
    2. Not verifying, testing, or auditing the security of your cloud-based service provider.
    3. Failing to vet your cloud provider’s viability as a business.
    4. Assuming you’re no longer responsible for securing data once it’s in the cloud.
    5. Putting insecure apps in the cloud and expecting that to make them more secure.
    6. Having no clue that your business units are already using some cloud-based services.

Hoff concludes:

By the way, I think the worst Cloud Security mistake is not knowing what Cloud Security even means.

••• Peter Fingar, author of Dot.Cloud: The 21st Century Business Platform, proposes Cloud Oriented Business Architecture as an alternative to PaaS or IaaS in this June 2009 article. According to Fingar:

Cloud computing makes it possible to create new “business platforms” that can enable companies to change their business models and collaborate in powerful new ways with their customers, suppliers, and trading partners – stuff that simply could not be done before. What that stuff is, is up to entrepreneurs and entrepreneurs. But no doubt there are cloudy new Amazons and Googles hard at work, and they will no doubt teach the business world new lessons.

Cloud computing is the next step in the evolution of the Internet as a source of “services.” It’s those services that users are interested in, not the underlying technologies. While most people have become accustomed to using services such as emailing or searching or shopping on the Internet, by extension, it makes sense that business technologies should be accessible in the same way.

••• Dmitry Sotkinov “gives us his perspective on services in the cloud and answers some of the frequently asked questions” in his IT Services in the Cloud Interview with David Tesar at Tech*Ed 2009. Topics include:

    • When is the right time to move to the cloud?
    • What roles/services are not good to think about moving to the cloud?
    • What types of things you need to be thinking about when moving your services to the cloud?
    • How is portability a concern on where you want to host your applications?
    • Where he sees benefits with Azure and BPOS over the competition?

••• James Urquhart claims The cloud conversation is changing from "what is it?" to "how would I use it for my business or institution?" in his CNet News post of 6/6/2009. He concludes:

Perhaps the most beneficial aspect of this shift is the fact that we should start seeing some real business cases, use cases, and best-practice discussions appear in the cloud-computing discussion.

Best Buy's story at Google I/O, the venerable New York Times and Animoto stories on Amazon, Eli Lilly's tale of redefining research projects: they all serve as examples of cloud's value in the right contexts. We know from these examples that "batch jobs" are great cloud fodder (such as grid computing and image processing), as are applications with unpredictable scale.

We need to see more such examples publicized, however. Where are the financials with their complex models and data mining? Biotech with its constant data processing demand? Manufacturing with its "just in time" supply chain management?

Perhaps the examples will continue to be more of the same, but that's OK to me. Then we know where cloud's strengths and weaknesses are, and we can move the conversation forward from there

••• Business Week’s Special Report for it’s issue is How Cloud Computing Will Change Business: “IBM, Qualcomm, Nokia, and other majors, along with startups, are preparing to cash in on new technology. Not that it will be easy.” Topics include:

••• Dion Hinchcliffe describes Eight ways that cloud computing will change business in his 6/5/2009 post for ZDNet’s Enterprise Web 2.0 blog:

  1. The creation of a new generation of products and services.
  2. A new lightweight form of real-time partnerships and outsourcing with IT suppliers
  3. A new awareness and leverage of the greater Internet and Web 2.0 in particular
  4. A reconciliation of traditional SOA with the cloud and other emerging IT models
  5. The rise of new industry leaders and IT vendors
  6. More self-service IT from the business-side
  7. More tolerance for innovation and experimentation from businesses
  8. The slow-moving, dinosaur firms will have trouble keeping up more nimble adopters and fast-followers

Of course, Dion adds supporting details to each topic and one of his classic illustrations to the article:

Dion’s Building a vision for Government 2.0 post of 6/3/2009 covers similar ground for the federal government. He writes:

Earlier this week, the nation’s first ever CIO, Vivek Kundra, urged the use of Web 2.0 approaches to address the needs of government and citizens at the Management of Change conference in Norfolk, Virginia. Kundra outlined several important areas where he believed Web 2.0 can help improve government: connecting with citizens and their ideas (social computing), routing around the horizontal and vertical silos surrounding government data (open APIs), and tapping into the potential savings of low-cost new software applications and processing capabilities (SaaS and cloud computing.)

••• Andy Greenberg overblows Peter Mell’s concern with security at NIST in his If The Clouds Burst article of 6/5/2009 that carries this alarmist deck: “NIST official warns that cloud computing could face a banking-style meltdown.”

The much-hyped vision of information technology's cloud computing future is often described with an analogy to the power industry: Just as we pipe in electricity from a central utility, the comparison goes, so will we someday pay for processing and storage as utility-like services in a central location, a model that's more efficient, more flexible and cheaper.

But cloud computing, argues the National Institute of Science and Technology's (NIST) cloud computing lead Peter Mell, can also be described with an analogy to another industry, and one with a less savory track record: banking. In a cloud computing scenario, as in banking, businesses and governments entrust their precious digital assets to a single central repository--one that's more interested in maximizing profit than in creating a costly safety buffer.

The story boils down to more cloud security fear-mongering.

••• Randy Holloway’s “How Do I?” screencasts with Windows Azure post of 6/5/2009 announces the following new video segments:

Randy works for Microsoft in St. Louis.

••• Lori McVittie’s Can You Teach an Old Developer New Tricks? post of 6/5/2009 carries this deck: “Infrastructure 2.0 is a lot like Web 2.0: it’s about collaboration and integration.” Lori continues:

SOA was treated as primarily a development concern, and thus network and systems’ administrators blithely ignored it rather than embrace its architectural quirks. The combination of dumping responsibility for the change in the organization required for SOA to succeed on developer’s shoulders and the lack of concern from the rest of IT certainly led to if not its demise then its reign as King of the IT Hill.

And now comes Infrastructure 2.0 - dynamic infrastructure – and we’re doing it all over again.

••• David Worthington claims Cloud providers answer the tough questions in this 5/15/2009 (missed) post for Software Development Times that featured’s Peter Coffee, Rally Software’s Zach Nies, Amazon Web Services’ Adam Selipsky, IBM’s Dennis Quan, and Microsoft’s Steven Martin, whom David quotes as follows:

Organizations should be asking cloud providers tough questions about being locked in, stated Steven Martin, senior director of developer platform product management at Microsoft. “Applications in the cloud remain the domain of the author. It is critical to understand that when you are working with Microsoft, the technology that you create is yours. Data is the same way,” he said.

Martin explained that the only way for Microsoft to sell Windows Azure at a price that is appropriate for customer adoption is with a large volume of customers. The path off of Azure lies in how Microsoft approaches Web workload, he explained. But portability is guaranteed only so long as the customer remains with the Microsoft stack. …

As more customer move toward the SaaS model and composite applications, the metadata that is associated with services is becoming critical, said Microsoft’s Martin.

Microsoft will provide a metadata model for Windows Azure that will allow for governance innovation from low-level runtimes to the service itself, he said. “If a service is addressable and available from any endpoint on the planet, it changes the dynamic of how you write software.”

In addition to interoperability, the discussion covered cloud security, governance, data integrity, availability and uptime.

Steve Martin appears to be Microsoft’s point-man of the moment for Windows Azure in panel discussions.

••• Ryan Martens analyzes David Worthington’s article in his Going to the Cloud – the Agile Way post of 6/4/2009, provides links to a Webinar and commentary from other cloud-computing “thought leaders” and proposes:

As a result of SD Times’ tough questions and our desire to “ignite the next wave of economic growth,” we decided to talk in our next webinar with Global Logic and IBM about how to go to the cloud and mitigate risk along the way. As with any pilot, the goal is to enter wisely, learn fast and then move forward.  Given the iterative and incremental method of Agile is best suited for this fast-learning approach, we will title our next talk “Going to the Cloud - the Agile Way.”

••• Leena Rao was Liveblogging Microsoft’s Ray Ozzie on “The Potential Of Cloud Computing” at the Churchill Club on 6/4/2009. Leena begins:

We’re at the Churchill Club’s “Potential of Cloud Computing” event, where Wired’s Senior Writer Steven Levy is interviewing Microsoft Chief Software Architect Ray Ozzie. Ozzie made some interesting predictions on the future of cloud computing a few weeks ago at J.P. Morgan’s Technology, Media and Telecom Conference. Microsoft is continuing to assert its position in the cloud as the release of its cloud computing platform, Azure, draws near. Ozzie faced a few hardball questions from Levy, which you can find our analysis of here.

The next generation that we are testing free standing data center, modular data center where every component of a data centers are all free standing with one roof.

Her liveblog is close to a transcript of Ray’s thoughts about Windows Azure.

••• Sam Diaz adds his two-cents with Microsoft's Ray Ozzie talks cloud computing at Churchill Club post to ZDNet’s Between the Lines blog:

I’ve been a pretty vocal critic of Microsoft in the past, scratching my head in amazement when the company does something wacky like a Jerry Seinfeld-Bill Gates commercial or Windows Vista. But after a Churchill Club dinner in Silicon Valley last night, I think have a better understanding of what’s happening over in Redmond. …

Ray Ozzie, Microsoft’s Chief Software Architect and the guest speaker at last night’s dinner (Techmeme), said the company wasn’t necessarily talking or thinking about the cloud when he came on board as part of the acquisition of his company, called Groove Networks, in 2005. When it came time to start offering a new way of thinking about the cloud and software, the approach came slowly. At the event, he said:

“In any large organization, the government, the military, Wal-Mart, Microsoft, change of management is a challenge. You cannot effect change by mandate. You can’t say this is the way it’s gonna be and everyone snaps.”

••• TechPulse360 offers video clips of Ray Ozzie’s 6/4/2009 interview at the Churchill Club in the Ray Ozzie Interview At The Churchill Club (videos) post. The following segments tackle cloud-based topics:

  • Microsoft Office will 100% Cloud-based
  • The concept of 3 screens and the cloud
  • Making the Cloud more Secure

••• Ina Fried reports on 6/4/2009 for CNet News from the Churchill Club: Ray Ozzie's cloud hangs over the Valley. Ina writes:

Ray Ozzie tends to see things much like a Seattle meteorologist--always cloudy. …

Making a trip to sunny Silicon Valley, Ozzie addressed Silicon Valley's Churchill Club, outlining the transformational role that cloud computing will play. …

The goal of the cloud era, he said, is to create a world in which applications are sandboxed like the browser, cached like Javascript and all the data fully synchronized.

[Steven] Levy suggested that perhaps that kind of world might be bad for Microsoft's Windows business, but Ozzie disagreed.

"We'll always need an OS," he said. "Every device needs an OS. The programming model on top's of that OS is what's changing."

The story includes links to an earlier Ozzie interview and videos from the Churchill Club event.

••• Jessica Hodgson’s Microsoft Exec: Cloud Computing Could Undermine Margins article of 6/4/2009 for the Wall Street Journal (requires subscription) reports that Ray Ozzie said “cloud computing will likely put pressure on Microsoft Corp.'s (MSFT) margins.”

The remarks by Ray Ozzie, Microsoft's chief software architect, appear to confirm fears that online software products, which Microsoft is rolling out, could undermine the company's margins over the long term.

••• Steve Gilmore chimes in on the Ozzie presentation for TechCruncIT with Ozzie at the Bat of 6/5/2009, but this report concentrates on Ozzie’s opinions of Google Wave.

••• MIT Technology Review’s July/August 2009 issue will feature Technology Overview: Conjuring Clouds by the TR editors. There’s nothing there now, but register and keep watching this space. In the meantime, TR offers links to many cloud-computing articles over the past year in these search results.

The National Institute for Standards and Technology (NIST) announces the release of the final public draft of Special Publication 800-53, Revision 3, Recommended Security Controls for Federal Information Systems and Organizations on 6/3/2009. In its News and Events post for 6/3/2009, NIST writes:

The final public draft of Special Publication 800-53, Revision 3, is historic in nature. For the first time, and as part of the ongoing initiative to develop a unified information security framework for the federal government and its contractors, NIST has included security controls in its catalog for both national security and non national security systems. The updated security control catalog incorporates best practices in information security from the United States Department of Defense, Intelligence Community, and Civil agencies, to produce the most broad-based and comprehensive set of safeguards and countermeasures ever developed for information systems.

I’m not an information security expert, but I agree that this is a historic document. The period for public comments on SP 800-53 is 6/3 to 7/1/2009.

Chris Hoff (a.k.a. @Beaker)’s Dear Mr. Schneier, If Cloud Is Nothing New, Why Are You Talking So Much About It? post of 6/3/2009 takes Bruce Schnier to task for “dumbing down Cloud Computing to nothing more than outsourcing via SaaS:”

For someone who suggests that Cloud Computing is “nothing new,” Bruce Schneier continues to feed the hamster saying a whole lot about nothing.  I’ve seen video after video of señor Schneier staring wide-eyed and unblinking into the camera, suggesting that Cloud Computing is much ado about nothing.

A recent illustration in a different medium is a story in the Guardian titled “Be Careful When You Come To Put Your Trust In the Clouds

Paul Massie analyzes’s McKinsey Cloud Computing Report Conclusions Don't Add Up in his Cloud Computing: Beyond the Hype post of 6/2/2009 for the Gerson Lehrman Group:

… Cloud computing will get considerably more traction during the next year or two. For one reason, there is actual value for those companies with use cases that closely match the cloud model. A second reason is that it’s almost impossible not to see a headline today that touts cloud computing as the solution to IT infrastructure costs. The people IT heads report to, CFOs, CEOs, COOs and others all read those headlines, and woe betide the CIO who fails to demonstrate some activity around cloud computing. Such unfortunate souls will find themselves described as “backward”, “non-strategic”, and similar non-flattering labels, with unemployment looming. …

Check out other GLG analyses in the “Other Analyses of the same Source Article” section on the same page.

• David Linthicum’s Where architecture meets cloud computing post of 6/6/2009 carries a “Pat Stingley shared his vision around cloud computing and ‘cloud architecture’” deck and begins:

Pat Stingley, who is well known in the government cloud computing space, has been sharing his own thoughts on "cloud architecture,” including his initial thinking on the topic. Pat and I have been speaking at and sitting on panels at some recent cloud computing for government events. I spoke with Pat yesterday, and he wanted me to assist in distributing his thinking for public comments; he also mentioned this is his work as an individual thought leader. However, if you’re following the government cloud computing movement, which is growing rapidly, you already know Pat Stingley.

• John Pescatore and Andre Gold present Staying Ahead of Changing Risks, a 40-minute Webinar from GovInfoSecurity that covers the following topics:

  • Which attacks are happening now and what's projected over the next couple years.
  • How multistaged threats are necessitating new vulnerability management practices.
  • Why continual risk assessment is increasingly seen as standard due diligence.
  • Where penetration testing and red teaming fits into proactive IT risk assessment strategies

John is a Gartner analyst and Andre is the founder of Gold Risk Management and a former security head at ING.

Charles Babcock’s It's 6 O'Clock -- Do You Know Where Your Cloud's Data Center Is? post of 6/3/2009 to the InformationWeek Cloud Computing Weblog begins:

A comment that I liked on cloud computing came out of Sun's CommunityOne conference June 1 in San Francisco. It was from Tim Mather, a member of a panel on "Securing the Cloud--Why, What and How?" He said: "The trust boundary has moved with cloud computing but no one is clear where to."

Mather is VP and chief security strategist for RSA, the security software division of EMC Corp. The trust boundary he refers to is the ability to trust data because it comes from a known source, is in a validated format and is being stored in a secure setting. If the cloud is providing database processing or data storage for you, who is responsible for the trust boundary? The user, the cloud? Both?

Cloud providers may say, "You can trust us," but Mather warned: "There's a serious lack of transparency (on how security is being provided)." Cloud vendors don't necessarily wish to air their security measures because that makes them easier to breach.

"What vendors are doing needs to be made public," continued Mather. The exact measures don't need to be aired, but the degree of security provided needs to be stated, then audited by a trustworthy third party, who concludes whether the vendor is doing what it claims to be doing.

That’s why Charlie McNerney’s Securing Microsoft’s Cloud Infrastructure post of 5/27/2009 is so important. From the Windows Azure and Cloud Computing Posts for 5/25/2009+:

The [24-page] white paper we’re releasing today describes how our coordinated and strategic application of people, processes, technologies, and experience with consumer and enterprise security has resulted in continuous improvements to the security practices and policies of the Microsoft cloud infrastructure.  The Online Services Security and Compliance (OSSC) team within the Global Foundation Services division that supports Microsoft’s infrastructure for online services builds on the same security principles and processes the company has developed through years of experience managing security risks in traditional software development and operating environments.

Independent, third-party validation of OSSC’s approach includes Microsoft’s cloud infrastructure achieving both [Statement of Auditing Standard] SAS 70 Type I and Type II attestations and ISO/IEC 27001:2005 certification. We are proud to be one of the first major online service providers to achieve ISO 27001 certification for our infrastructure. We have also gone beyond the ISO standard, which includes some 150 security controls. We have developed 291 security controls to date to account for the unique challenges of the cloud infrastructure and what it takes to mitigate some of the risks involved [Emphasis added].

Charlie is GM, Business & Risk Management, Microsoft Global Foundation Services. This post still hasn’t received the attention it deserves.

• Chris Hoff (@Beaker) makes Observations on “Securing Microsoft’s Cloud Infrastructure” on 6/1/2009, among them:

I think it’s admirable that Microsoft is sharing its methodologies and ISMS objectives and it’s a good thing that they have adopted ISO standards and secured SAS70 as a baseline. 

However, I would be interested in understanding what 291 security controls means to a security posture versus, say 178.  It sounds a little like Twitter follower counts.

I can’t really explain why those last two sentences stuck in my craw, but they did.

• Ina Fried reports Microsoft buys Merck unit in life sciences push in her 6/1/2009 article for CNet’s Beyond Binary column:

Microsoft said on Monday it is buying the assets of Rosetta Biosoftware, a unit of Merck, as part of an effort to expand into the life sciences software arena.

The Rosetta technology will be used to add genetic and genomic data management abilities to Microsoft's recently announced Amalga Life Sciences effort.

Here’s the press release: Microsoft Signs Agreement With Merck & Co. Inc. to Acquire Assets of Rosetta Biosoftware, Strengthening Position in Life Sciences Industry.

Pharma companies are moving to cloud computing for compute-intensive drug research, so it’s a good bet that there will be a connection between Rosetta Biosoftware and Azure.

Jason Carolan’s Cloud Computing Infrastructure and Architecture 40-page white paper of June 2009 (site registration required) carries the following abstract:

Cloud computing promises to speed application deployment, increase innovation, and lower costs, all while increasing business agility. But it also transforms the way we design, build, and deliver applications. What are the architectural considerations that enterprises must make when adopting cloud computing technology?

This white paper discusses the nature of cloud computing and how it is transforming the way that enterprises everywhere build and deploy applications. It proceeds to discuss the architectural considerations that cloud architects must make when designing cloud-based applications, and concludes with a discussion of Sun's technologies that support cloud computing.

Carolan is Director, Global Systems Engineering & Distinguished Engineer at Sun Microsystems, Inc. Following are links to his earlier cloud-related articles from the CloudBook site:

  • Article: Cloud Serviceability and Architecture - February 2009
    Composite services and clouds are architectural in nature. We can no longer attempt to mediate system events at an element or server level. It must be broader and confer architectural context at nearly every level.
  • Article: Cloud Management, A Continuous Perspective - April 2009
    Clouds are a great example of applying continuous architecture. Continuous architecture is the notion of complex adaptive systems applied to something that historically might have been viewed as static.
  • Article: Some Notes on Defining Cloud Computing - March 2008
    There seems to be some key attributes that describe cloud computing. The challenge is they overlap with other computing definitions, so maintaining distinction and how this overlap is helpful in solving other computing problems is important.

Dana Gardner interviews Frank Gillett in his Forrester on Future of Mission-Critical Cloud Computing post of 6/1/2009:

To help understand the difference between the reality and the vision for cloud computing, I recently interviewed Frank Gillett, vice president and principal analyst for general cloud computing topics and issues at Forrester Research.

You can also watch the interview as a series of video streams at, or read a full transcript.

Kevin L. Jackson’s Secure Cloud Computing on Federal News Radio post of 6/1/2009 reports:

Last week the Trezza Media Group, Flyzik Group and Federal News Radio combined to produce an outstanding Federal Executive Forum on Secure Cloud Computing. Moderated by Jim Flyzik, panelist included:

  • Henry Sienkiewcz-Technical Program Director, Computer Services, Defense Information Systems Agency 
  • Mr. Ronald Bechtold-Army Architecture Integration Center, at Headquarters, Department of the Army, Chief Information Office/G6 
  • Curt Aubley-Technology Officer CTO Operations & Next Generation Solutions, Lockheed Martin Information Systems & Global Services
  • Dale Wickizer-Chief Technology Officer-Public Sector, NetApp, Inc.
  • Aileen Black- Vice President of Public Sector, VMware Inc.

      Kevin discusses the key points he gathered from the panel and includes links to its video and audio archives.

      Research and Markets’ 6/1/2009 post 2008-2011 Report Profiles Some of the Key Vendors Operating In the Global Cloud Computing Services Market says:

      The report forecasts the market size of Global Cloud Computing Services Market over the period 2008-2011. It elaborates the key trends in the Global Cloud Computing Services Market, and segments the total market by cloud computing options. Further, the report also provides the segmentation of Cloud Computing by components and talks about Cloud Hosting segmentation. It also profiles some of the key vendors operating in the Global Cloud Computing Services Market.

      But doesn’t list Microsoft in its “List of Some of the Vendors in Cloud Computing” topic.

      David Chappell’s An Update to Introducing the Azure Services Platform post of 6/1/2009 announces:

      Microsoft has made some important updates to various parts of the Azure Services Platform. Accordingly, I've updated the overview white paper I wrote on Azure last fall. The new version is available here.

      The biggest change is in SQL Data Services, which now will provide a standard relational datastore. This is really important, as the absence of relational storage was a gaping hole in the original announcement. It's great to see that Microsoft is fixing this.

      Justin Sheehy makes the case for REST and HTTP services as a business advantage on 6/1/2009:

      The advantages of HTTP as an application protocol (not just a transport) as opposed to many other networked service models are not abstract, idealized technical advantages. They directly affect your -- and your partners' -- cost of doing business.

      At Basho, our services integrate out of necessity with those of many kinds of partner companies, including CRM, Business Intelligence, Search, and more. We consider ourselves lucky in general when a company we'd like to partner with exposes any consistent and documented interface for this purpose.

      However, when those interfaces are SOAP or another RPC-shaped system it means that each integration is a fairly major new project even when the resulting connections between applications are conceptually small. This is because you have to learn the programming model of that other service and work as though you were a developer of that service -- learning their calling conventions, naming schemes, error conditions, and so on. …

      Cloud Computing Events

      <Return to section navigation list> 

      ••• Michele Weslander Quaid, Chief Technology Officer at the National Reconnaissance Office, announces the Unleashing the Crowd in the Cloud: Igniting the Innovation Insurgency conference to be held 6/17 – 6/18/2009 at the National Reconnaissance Office in Chantilly, VA. Keynote and special guest speakers include:

      • Vivek Kundra, Federal CIO
      • Jeff Jonas, IBM
      • Vint Cerf, Google
      • Dion Hinchcliffe, Hinchcliffe & Associates
      • David Stephenson, author of Democratizing Data

      It’s unfortunate that the Agenda page doesn’t include the topics the speakers intend to discuss and that you need an Intelligence Community (IC) badge or a TS/SCI clearance to attend.

      When: 6/17 – 6/18/2009 
      Where: National Reconnaissance Office, 14675 Lee Road, Chantilly, VA 20151-1715 

      ••• Paul Krill asks Can the cloud succeed without a killer app? in this 6/1/2009 post to InfoWorld’s Cloud Computing blog. He gives his apparent affirmative answer in the deck:

      CommunityOne panelist suggests its general advantages are enough to gain traction.

      Paul continues:

      So what will be the killer app that drives innovation in cloud computing? Perhaps none, because no killer app is needed, a Sun executive suggested during a panel discussion Monday at the CommunityOne event in San Francisco, which opened just prior to the JavaOne conference. Panelists including Tim Bray, Sun's director of Web technologies and a founder of XML, and Lew Tucker, Sun's CTO for cloud computing, touched on a variety of topics pertaining to the cloud concept, including what CIOs might think of it. With cloud computing, users access application and data services hosted over the Internet by a third party; a company's own data could be hosted inside a cloud.

      ••• Robert Grossman announces Using Clouds to Provide Scalable and On-Demand Analytics - A One Day Course to be held 6/22/2009 in at the Chicago Marriott O’Hare hotel and claims:

      What You Will Learn in the One Day Course (for US$245)

      • Learn about the different types of clouds.
      • Learn the benefits of using clouds for analytics.
      • Learn how to structure your first analytic project using clouds.
      • Learn how to speed up the development of analytic models and the deployment of analytics into operational systems using clouds.

      When: 6/22/2009 
      Where: Chicago Marriott O’Hare hotel (ORD), Chicago, IL

      ••• Andreas Grabner finds “More and more application scenarios for the cloud are appearing” in his Live from JavaOne - The Cloud Growing Up? post of 6/6/2009. He concludes:

      Cloud computing - or utility computing in general - is very much about better utilization of assets. Otherwise we end up as what we have learned to not work - throwing more hardware at a problem to scale. As a famous german tire commercial says Power is nothing without control. The power is out there in the clouds or in our datacenters, controlling and managing this power is up to us.

      ••• Glenn Brunette describes in his Cloud Security from Sun's CommunityOne post of 6/6/2009 “Three Cloud Computing security projects were discussed and demonstrated this week” at JavaOne:

      ••• Leena Rao was Liveblogging Microsoft’s Ray Ozzie on “The Potential Of Cloud Computing” at the Churchill Club on 6/4/2009. Leena begins:

      We’re at the Churchill Club’s “Potential of Cloud Computing” event, where Wired’s Senior Writer Steven Levy is interviewing Microsoft Chief Software Architect Ray Ozzie. Ozzie made some interesting predictions on the future of cloud computing a few weeks ago at J.P. Morgan’s Technology, Media and Telecom Conference. Microsoft is continuing to assert its position in the cloud as the release of its cloud computing platform, Azure, draws near. Ozzie faced a few hardball questions from Levy, which you can find our analysis of here.

      (Repeated from the Azure Infrastructure section.)

      •• Kathleen Richards JavaFun: Interoperability But is Three a Crowd article of 6/4/2009 in the Redmond Development Newsletter and post to the RDN Express Blog asks:

      Would Microsoft be on that stage, and a JavaOne sponsor, if it had known that Oracle was buying Sun? And with Larry Ellison lurking, ready to promote his company's proprietary platform (before Sun) and torpedo that of his long-standing nemesis, Bill Gates? All this at an open source conference? It's kind of surreal -- like Ralph Nader hosting a show on the Fox channel.

      and goes on to analyze the last three years of interoperability cooperation between Microsoft and Sun.

      Full disclosure: I write for Redmond Media Group, which publishes the Redmond Developer Newsletter.

      •• Steve Martin’s Microsoft Keynoting at JavaOne...That Just Happened! post of 6/4/2009 describes his and Dan’l Lewin’s keynote presentation where they announced “that Sun has also now agreed to participate in the Stonehenge project and will be contributing the Metro-based StockTrader application code:

      Along these lines, some of you may recall that last November we announced our participation – and the contribution of our StockTrader 2.0 code – to the Apache “Stonehenge” project. Stonehenge was formed to deliver a set of sample applications that demonstrate interoperability across multiple underlying platform technologies by using currently defined W3C and OASIS standard protocols. This is helpful for a number of reasons. While industry efforts like WS-* define approaches to enable interoperability, products may still need to be configured by customers before the benefits of interoperability can be realized. In fact, we’ve had a number of customers tell us they need better examples and more guidance on how to realize the built-in interoperability of applications across multiple vendor platforms. Stonehenge addresses this by providing customers with best practice guidelines and actual code that illustrates precisely how to achieve this in real world scenarios. To put it a little more poetically, Stonehenge will help us complete the “last mile” of interoperability between today’s standards-based infrastructure and tomorrow’s service-based applications. …

      Watch the video segment of the keynote here.

      MIT Technology Review presents Navigating the Cloud: Finding Solutions That Make Sense for Your Business:

      Join fellow thought leaders for a discussion about these emerging cloud options and how your business can put the cloud to work.

      • Gain insight into the solutions available and put its power to work for you
      • Discover ways to boost productivity and interaction for your team while lowering cost
      • Learn how different cloud options can work with your existing technology

      This exclusive event series features networking receptions and expert panels in four cities across the U.S. during the month of June. Space is limited – register today for the event near you!

      According to Saugatuck Technology:

      Saugatuck Research VP Charlie Burns, a 30-year veteran of IT markets, services, research and consulting, will be participating, providing research-supported, fact-based insights regarding the past, present, and future of Cloud Computing for real-world business.  Joining Burns will be IT visionary Irving Wladawsky-Berger, Chairman Emeritus, IBM Academy of Technology and Visiting Lecturer MIT, William C. “Bill” Lowe, “the father of the IBM PC,” Jason Pontin, Editor in Chief and Publisher, (MIT) Technology Review , Mike Matsumura, Chief Strategist, Software AG, Sean Poulley, VP Online Collaboration Services, Lotus/IBM, and other industry luminaries.

      IBM is sponsoring the series.

      When: 6/11/2009 5:30 – 8:00 PM EDT
      Where: MIT Faculty Club, 50 Memorial Drive, Cambridge, MA 02142 

      When: 6/16/2009 5:30 – 8:00 PM CDT
      Where: IBM Innovation Center, 13800 Diplomat Drive, Dallas, TX 75234  

      When: 6/17/2009 5:30 – 8:00 PM CDT
      Where: IBM Innovation Center, 71 S. Wacker Drive, Chicago IL 60606  

      When: 6/18/2009 5:30 – 8:00 PM PDT
      Where: IBM Innovation Center, 2929 Campus Drive, San Mateo, CA 94403 

      • The Software and Information Industry Assocaiton (SIIA) presents On Demand Europe on 6/9 – 6/10/2009 at the Hilton Amsterdam. A keynote, keynote panel, and session have cloud computing as their subject:

        • Keynote: Cloud Computing: Back to the Future by Zach Nelson, President & CEO, NetSuite, Inc.
        • Keynote Panel: How Cloud Platforms Change the Game for ISVs
        • Session: Building Confidence in the Cloud Presenters: Kevin O’Brien, Director, SaaS Strategy & Programs, Oracle Corporation; Larry Velez, Director Industry Initiatives, Microsoft Online Services; Dr. Werner Vogels,Vice President & CTO,
      When: 6/9 – 6/10/2009
      Where:  Hilton Amsterdam, Amsterdam, The Netherlands 

      • RDA offers a free day of Atlanta Area Azure Training (sponsored by Microsoft) on 7/7/2009. Breakfast, lunch, and free parking will be provided.

      The event is targeted for developers and technical decision makers with a background in .NET development.  No prior experience with Azure is required and this training session will provide enough background for software development teams to pilot cloud-based applications in their organizations. The training will be divided into multiple sessions to provide a comprehensive overview of the platform.

      Here’s the session list for the day:

        • Session 1 - Microsoft Azure Platform Business Overview
        • Session 2 – Azure Roadmap
        • Session 3 - Microsoft .NET Services Overview
        • Session 4 - Developing applications for MS Azure and Azure Storage
        • Session 5 - Exploring Microsoft Live Services
      When: 7/7/2009 8:30 AM – 4:00 PM EDT
      Where:  Microsoft Corporation, 1125 Sanctuary Parkway Suite 300, Alpharetta, GA  30009 

      • Pluralsight announces it’s three-day Azure Services Fundamentals training to be offered in Waltham, MA starting 7/29/2009 and Chicago, IL starting 10/14/2009. You can download the course description here. Course instructors are Aaron Skonnard, Keith Brown and Matt Milner.

      You can download Aaron’s code for his A Day of the Azure Services Platform presentation from a link on his Dutch DevDays 2009 post of 6/3/2009.

      • Steven Martin and Dan’l Levin will present the Software + Services: The Next Application Platform session during the first Microsoft General Session at Java One:

      Come join us to learn about the results of the partnership between Sun Microsystems and Microsoft in delivering interoperable application platforms that span on-premise and cloud computing, enabling our mutual customers to leverage their existing IT skills in Microsoft and Sun technologies, extend existing applications into new scenarios, and drive tangible value and competitive advantage. This session will cover current and future interoperability between .NET and Java, ensuring that developers can build the next-generation applications of the future, from Java to .Net, from premise to cloud.

      Steve is Senior Director, Developer Platform Product Management and Dan’l is Corporate Vice President, Strategic and Emerging Business Development.

      Steve is the guy who kicked off the Open Cloud Manifesto controversy with his Moving Toward an Open Process on Cloud Computing Interoperability post of 3/25/2009.

      Anyone want to bet that Steve will announce support for Java by Windows Azure?

      When: 6/4/2009 8:30 – 9:15 AM PDT
      Where: Moscone Center, San Francisco, CA (will be simulcast).

      Nandita announces MSDN Webcast: Building Applications Using the .NET Service Bus (Level 200):

      In this webcast, we provide an overview of the Microsoft .NET Services Service Bus. We cover what a Service Bus is and why it is necessary, and we step through the features of the Service Bus: the naming system, the service registry, the messaging fabric, and the programming model, including all the most useful bindings. We also demonstrate NetOnewayRelayBinding, NetEventRelayBinding, NetTcpRelayBinding, and WebHttpRelayBinding.

      When: 6/24/2009 11:00 – 12:00 AM PDT
      Where: Internet; registration required.

      Copied from the .NET Services: Access Control, Service Bus and Workflow section.

      Microsoft’s Worldwide Partner Group announces its Worldwide Partner Conference to be held 7/13 – 7/16/2009 in New Orleans, LA. The following six sessions are devoted to or cover Windows Azure and the Azure Services Platform:

      • AP002 Business Opportunities and Economic Advantages of the Azure Services Platform by Steve Yi
      • AP005 What's New in Microsoft SQL Data Services by Rick Negrin
      • EPG009 Opportunities in the Enterprise with the Windows Azure Platform by Yousef Khalidi
      • IND007 Leverage Microsoft Products with Your Business Solutions in Retail, Hospitality, Consumer Goods and Distribution, and Professional Services industries by Tracy Issel
      • SS003 Lap around Windows Azure by David Lemphers
      • SS008 Leveraging the Cloud: How ISVs Can Use New Microsoft Programs to Move into the Software-Plus-Services World by David Wright

      For session time and other details go to the Session List and search on “Azure” (without the quotes.)

      When: 7/13/2009 – 7/16/2009 
      Where: New Orleans, LA

      Other Cloud Computing Platforms and Services

      <Return to section navigation list> 

      ••• Todd Hoff’s HotPads Shows the True Cost of Hosting on Amazon analyzes Mather Corgan’s detailed report of the cost of running his HotPads real estate site on Amazon Web Services. HotPads is a map-based real estate search engine, listing homes for sale, apartments, condos, and rental houses having:

        • 800,000 visits/month
        • 4.5 million page-views/month
        • 3.5 million real-estate listings updated daily

      Their total costs are about $11K/month, which is about what they were paying at their previous provider. I found this is a little surprising as I thought the cloud would be more expensive, but they only pay for what they need instead of having to over provision for transient uses like testing. And some servers aren't necessary anymore as EBS handles backups so database slave servers are no longer required.

      Mather Corgan is president of HotPads.

      ••• Nick Johnson of the Google App Engine Team posted 10 things you (probably) didn't know about App Engine on 6/5/2009. Even if you don’t use GAE, you’ll probably be interested in these topics:

        • The 'IN' and '!=' operators generate multiple datastore queries 'under the hood'
        • You can batch put, get and delete operations for efficiency
        • Datastore performance doesn't depend on how many entities you have
        • The time it takes to build an index isn't entirely dependent on its size
        • The value for 'Stored Data' is updated once a day
        • You don't need to construct GQL strings by hand

      ••• Maureen O’Gara says TIBCO Silver “is supposed to cut the time it takes to build and deploy cloud apps ‘from months to minutes’” in her TIBCO Silver – Amazon for Dummies post of 6/5/2009:

      Its mission is to make it easier for the cloud-curious but diffident Global 2000 to use Amazon and put to rest their availability, security, integration, and governance worries.

      TIBCO's widgetry, which will go to beta June 30, is described as a rapid application platform reportedly built from the ground up for building and deploying cloud applications. It's called TIBCO Silver and it's supposed to cut the time it takes to build and deploy cloud apps "from months to minutes."

      It's supposed to have "self-aware" elasticity that it gets from TIBCO's Complex Event Processing (CEP) technology so it can roll with the traffic highs and lows on its own.

      ••• Monique Morrow’s From India to Intercloud post of 6/5/2009 begins:

      Following my presentation at the Futurenet Conference in Boston on May 6, 2009 entitled, “Disruption: Emerging Technologies and Business Models,” I flew to India to meet with customers and colleagues in New Delhi, Mumbai and Bangalore. The atmosphere was rather electric as the country was in the midst of its national election. With Cisco Globalisation East, we are now embarking on developing architectures and solutions for what can be broadly termed as “Connected Societies,” under which comes “Intelligent Urbanisation.” …

      From India, I had an opportunity to present a paper I co-authored with a few Cisco colleagues entitled, “Blueprint for the Intercloud: Protocols and Formats for Cloud Computing Interoperability.”

      What my co-authors and I have concluded is the following:

      More and more Service Providers are constructing these new planet-scale virtualized data centers that are popularly called Cloud Computing. As software and expertise becomes available, enterprises and smaller Service Providers will build Cloud Computing implementations. …

      Monique is a Cisco distinguished consulting engineer.

      ••• John Foley reports Eli Lilly, NASA Build Eucalyptus Clouds in this 6/5/2009 report for InformationWeek. John writes:

      Eucalyptus Systems, the startup behind the open source cloud computing software, has identified its first two customers: NASA and Eli Lilly. That's an impressive start for a company that's barely three months old.

      Eucalyptus Systems was officially launched in April, when the company revealed it had secured $5.5 million in Series A funding from Benchmark Capital and BV Capital. The startup is a spin-off of the University of California at Santa Barbara, where its founders developed the software as part of a research project that involved linking National Science Foundation supercomputers with public cloud services for scientific workloads. Eucalyptus is the open source platform resulting from that work, and Eucalyptus Systems is the software company behind the platform.

      The remainder of the article is based on an interview with Eucalyptus Systems CTO Rich Wolski a few days ago.

      ••• Bernard Golden’s The Case Against Private Clouds post of 6/4/2009 begins:

      CIO - Over the past few weeks, I've examined the role of private clouds in cloud computing. In posts one and two, I discussed the functional services that comprise a private cloud, both from the infrastructure as well as the application management perspective. Last week, I discussed the case for private clouds -- why they are the most likely way mainstream IT organizations will implement cloud computing.

      This week, I want to take the contrary position -- why private clouds are not the future of cloud computing, and, in fact, will prove too daunting for IT organizations.

      Not sure why one would write two diametrically opposed artices on the same topic. Chris Hoff (@Beaker) refers to this story as “Clouds for Dummies” in a 6/5/2009 Tweet.

      Andrea DiMaio analyzes Aneesh Chopra’s plans in New US Federal CTO Shares His Priorities: Good Ideas, Hard To Implement of 6/4/2009:

      Aneesh Chopra, the recently appointed CTO for the US Federal Government, made a speech at the ACT/IAC Management of Change Conference, which was very well received, at least judging from the enthusiastic tweets and Facebook messages that I’ve read.

      In listing his priorities in his new role, he mentioned three areas that seem quite interesting to me:

      • open standards
      • the role of government R&D and
      • crowdsourcing for public sector innovation

      These are all great topics.

      Andrea posted What’s the Real Cost of Crowdsourcing? later the same day:

      Yesterday I was reading David Osimo’s blog (always a good read) and stumbled across an interesting comparison he is developing between traditional government IT initiatives and web 2.0 ones.

      One particular line in his comparison table caught my eye: web 2.0 “bottom-up” initiatives require small or no investment in technology, while we know what’s the price tag for many traditional government projects.

      I know this is the common wisdom around Web 2.0. Develop pilots rather than full-blown applications, publish then filter, crowdsource portions of design and development.

      James Urquhart’s Five things Cassatt taught us about cloud computing of 6/3/2009 lists five elements of cloud computing that Cassatt correctly understood:

      • Cloud computing is an operations model, not a technology.
      • Yes, Virginia, there is a private cloud.
      • You cannot forklift a revolution.
      • It's easier to swap out a server than an attitude.
      • Bye-bye siloes.

      Despite the “technical vision” of Cassatt’s founders, CA picked up its assets in a widely reported fire sale on 6/2/2009.

      Andrea DiMaio questions the federal request for proposal (RFP) for redesign of the site in his from crowdsourcing to outsourcing post of 6/3/2009:

      Some time ago I posted about the innovative initiative taken by the US government to gather ideas about how to build, the web site that is supposed to allow every dollar from the stimulus package to be tracked to relevant outcomes (such as projects and jobs created).

      According to today’s news, the Recovery Accountability and Transparency Board and the General Services Administration will soon publish a request for proposals so that IT vendors can bid for the site redesign. The budget for site development and maintenance (of which the RFP should cover one part) is part of the 84 million US dollars earmarked for the functioning of the Recovery Acountability and Transparency Board [the report above suggests that the site would consume a substantial portion].

      George Lawton’s Developers beware: Downsides to developing in the cloud post of 6/4/2009 reviews the "Seeding the Cloud" presentation by Ted Leung and Ashwin Rao at Java One:

      Developers at JavaOne this week heard about some of the challenges and strategies involved in developing cloud based applications, notably around security and performance. …

      Platform as a Service (PaaS) offerings like Google App Engine and Amazon AWS places further constraints on the kinds of code and applications that can be written. "When you look at PaaS, you need to see what limitations are built into the development and deployment environment," Leung said. Google App Engine, for example, is the most popular PaaS offering at the moment, but it only uses a small subset of Java and is only optimal for a narrow range of applications. It, for example, cannot do background processing.

      • Andrea DiMaio casts a jaundiced eye on’s approach to building its mandated Web site in his from crowdsourcing to outsourcing post of 6/3/2009:

      Some time ago I posted about the innovative initiative taken by the US government to gather ideas about how to build, the web site that is supposed to allow every dollar from the stimulus package to be tracked to relevant outcomes (such as projects and jobs created).

      According to today’s news, the Recovery Accountability and Transparency Board and the General Services Administration will soon publish a request for proposals so that IT vendors can bid for the site redesign. The budget earmarked for site development and maintenance (of which the RFP should cover one part) is in excess of 80 million US dollars.

      Taking into account that (1) has started crowdsourcing part of the solution and (2) there are private sector sites (such as that already provide pretty sophisticated tracking capabilities, one wonders about the reasons for such a traditional approach to development.

      • Ben KepesIntuit Launches the IPP Version 2 post of 6/3/2009 reports:

      [Intuit Partner Platform] IPP v2 fulfils much of this promise – it allows applications, regardless of their base architecture, to integrate into the platform and leverage what the platform has to offer, namely;

      • User interface
      • Billing
      • Single sign-on
      • Data integration

      Intuit is calling this offering “federated applications” and it’s pretty compelling. Federated applications are delivered to customers through the Intuit Workplace, a place to find, try, buy and use various apps. Intuit ensures that platform participants follow a base set of guidelines and that the applications work together seamlessly.

      • John Gannon calls Sun’s “Cloud Strategic Planning Service” a Cloud Computing Cash Cow in this 6/3/2009 post. John concludes:

      Going from 1% to even 5% or 10% is meaningful to the whole ecosystem of cloud services vendors, including the professional services guys who are going to help customers make the transition.  Since the cloud professional services ‘experts' haven't really been identified yet, I bet we'll see alot of people hanging the cloud shingle and following the money.

      Getting back to the post referenced here, this is an obvious move for Sun, and is bound to put a ton of juice into their services business.  Cloud consulting is going to be very high margin and high volume at the same time.

      Buckle up, folks.

      • Lydia Leong (a.k.a. Gartner’s Cloud Pundit) discusses “two public cloud announcements from hosting providers this week, with some interesting similarities” in her Verizon and Carpathia launch hybrid offerings post of 6/3/2009.

      More details on Verizon’s offering are at Verizon to Offer Cloud Computing Services, also dated 6/3/2009.

      • James Hamilton shares his detailed notes and a link to the video of Don McAskill’s presentation to the MySQL Conference 2009 in this The SmugMug Tale post of 6/3/2009. SmugMug is one of the poster child users of Amazon Web Services S3 (blob) storage.

      Dana Garder reports TIBCO takes PaaS plus integration capabilities to global enterprises via their choice of clouds in this 6/3/2009 post to ZDNet’s BriefingsDirect blog. Dana writes:

      Combining platform as a service (PaaS) with a built-in ability to integrate and manage hybrid cloud deployments, TIBCO Software today threw its hat in the cloud computing ring by taking its middleware and Java development and deployment platforms to new heights.

      Coinciding with the JavaOne conference and coming on the heels of other PaaS announcements this week, TIBCO debuted TIBCO Silver via an online virtual conference. While general availability of Silver is not due until 2010, private beta launches begin this month, as the start of a rolling series of expanding beta launches this year. [Disclosure: TIBCO is a sponsor of BriefingsDirect Analyst Insights Edition podcasts.]

      • Reuven Cohen proselytizes IBM (again) in his IBM Experiments with Group Authorship for Cloud Interoperability post of 6/2/2009:

      I'm happy to announce that IBM has created a new Cloud Computing Working Group focused on creating interoperability usage scenarios. IBM described this new effort as "an experiment in group authorship." In a recent email from Dirk Nicol at IBM, he outlined the following to the Open Cloud Manifesto Supporters[:]

      [“]We have a growing community forming around the principles of the manifesto and have over 200 supporters. Several of you have asked about next steps. Ideas that have been raised include a white paper on customer usage scenarios, coordination on event/trade show participation, an open cloud manifesto 2 that is more technical in nature, brainstorming on how to encourage standards organization coordination, etc.

      The one idea that seems to resonate across the board is the creation of a usage scenario white paper. We plan to propose this activity on the Open Cloud Manifesto LinkedIn group and discussion forum where we will solicit community participation (see the community section at ).[“]

      It appears that IBM has its hands firmly around the collective neck of the “Open Cloud Manifesto Supporters.”

      William Hurley announces in his Computer Sciences Corp. does cloud computing post of 6/1/2009 that “A new consulting group headed by R. Lemuel Lasher and a three-pronged attack on competitors led by Brian Boruff may make CSC a real player in the cloud.” Hurley begins:

      Today CSC (Computer Sciences Corp.) announced its next step in a company-wide commitment to cloud computing. CSC has a strong set of enterprise systems integration and mission-critical security capabilities, and their announcement is sure to grab attention from both potential and existing customers. So exactly what is CSC announcing? A whole family of new cloud-based offerings, including "cloud orchestration services," "trusted cloud services," and a consulting group led by R. Lemuel Lasher.

      John Foley’s IBM's Cloud CTO Hints At What's To Come article of 6/2/2009 for InformationWeek reports:

      As IBM's recently named cloud computing CTO, Kristof Kloeckner has had four months to craft a cloud computing strategy, and it's becoming clear that IBM's plans go well beyond what the company has delivered so far. "We see huge opportunity in this space," Kloeckner told me during a visit to Big Blue's headquarters.

      IBM's not quite ready to divulge all of the details about its cloud computing plans, but, in talking about the emerging market, Kloeckner describes services and business scenarios that would be transformative. Examples: customer data clouds in the retail industry, risk management clouds in finance, and medical imaging clouds in health care. These would be partner clouds of data and applications--Kloeckner refers to them as "ecosystems"--with built-in analytics capabilities.

      Dana Gardner finds a “strong contender for a best-of-breed cloud computing development and deployment approach” in his LongJump and Open Cloud PaaS post of 6/2/2009:

      Even The Economist newspaper is worried about cloud lock-in. And a lot of people talk about open clouds, but not many necessarily do anything about it.

      LongJump's announcement today of an enhanced platform-as-a-service (PaaS) offering -- the LongJump Business Applications Platform -- is a strong contender for a best-of-breed cloud computing development and deployment approach that reduces the risk of cloud lock-in.

      Designed with independent software vendors (ISVs) that want to go to the cloud in mind, LongJump's PaaS 6.2 version allows applications to be deployed almost anywhere -- on Amazon, Rackspace, on an enterprise data center, or any standards-based runtime stack, says Pankaj Malviya, Founder and CEO of LongJump.

      Update: The post was later renamed LongJump eyes fully portable, best-of-breed PaaS holy grail for ISVs going to the 'open' cloud.

      Charles Babcock’s Sun Shows Off Vendor Support For Sun Cloud post of 6/2/2009 from the Community/Java One conference begins:

      It's unclear whether all of Sun's cloud initiatives will be intact after the Oracle acquisition is finalized, but the company is rounding up vendor support for Sun Cloud.

      The planning service will be provided through Sun's consulting arm, Sun Professional Services. It will evaluate a customer for cloud-readiness, determine whether a public or private cloud is appropriate, and identify opportunities in the cloud in terms of the nature of the business, the corporate culture, and the existing IT environment.

      Paul Miller describes how Sun moves their Cloud forward at CommunityOne in this 6/1/2009 post:

      Sun Microsystems used the CommunityOne East event in New York City this past March to unveil their Cloud Computing offering. I spoke with the company’s Juan Carlos Soto recently, to learn more.

      Today, David Douglas (Senior VP, Cloud Computing) opened CommunityOne West in San Francisco discussing ‘Communities, Open Source Platforms, and Clouds.’ I joined the live webcast to see what he had to say.

      Lew Tucker, Sun’s Cloud CTO, gets up on stage to talk about Sun’s Cloud Computing with Dave. Their opening gambit is around the on-demand nature of the Cloud, with its ability to pull up (and shut down) Cloud resources on demand, with a credit card. Lew argues that the Cloud doesn’t create lock-in, as it’s based upon open software such as Apache, Solaris and Linux.

      Krishnan Subramanian says on 6/1/2009 that it’s Time To Uninstall Office 2007 because Google Docs now supports *.docx and *.xlsx files. Perhaps he’s short on disk space.

      Andrew Conry-Murray’s Jive Leapfrongs SaaS, Lands In Cloud post of 6/1/2009 for InformationWeek explains:

      Jive has leapfrogged the SaaS model in favor of federated private and public clouds. The goal is to provide software to customers in a private cloud, in which the app and infrastructure resides on the customer premises, as well as on the public cloud. In the long term, Jive envisions customers running multiple instances of the software. "There's be one in the public cloud and one in private and the user doesn't know the difference between them," says Chris Morace, SVP of products at Jive.

      David Linthicum explains Why Open Source Amazon APIs Will Matter on 6/1/2009:

      So, what does Amazon stand to gain by this? As [David] Rosenberg argues, by releasing the APIs as open source (creative commons, or no-sue covenant), Amazon could find that other cloud computing vendors adopt their way of doing APIs. There is no clear revenue stream from that approach, but the use of the IP will be clearly linked back to Amazon. It could become one of those little heard of "brilliant moves."

      Lori McVittie claims “HTTP is still very much alive” in her Facepalm: Google Wave Choice of XMPP Not the Death of HTTP post of 6/2/2009:

      Okay, folks, it’s time to stop declaring the death of protocols/technologies prematurely. Please? Especially when such proclamations are clearly not representative of reality.

      From ElasticVapor :: Life in the Cloud
      In Google's announcement what I found most fascinating was the protocol they choose for the basis of their new realtime vision. It wasn't
      HTTP but instead XMPP was selected as the foundation for this decentralized and interoperable vision. What this means in very simple terms is Google has declared the HTTP protocol is dead, an inefficient relic of the past. A protocol that was never designed with the requirements for the reality of a global realtime cloud. [emphasis added]

      Michael Vizard’s To Boldly Go With Federations of Cloud Computing post of 6/1/2009 describes Computer Science Corp.’s “new set of enterprise-class services anchored by a new Cloud Orchestration Services that customers can leverage to create clouds of private and public cloud computing that are federated. Michael continues:

      That means that instead of thinking about cloud computing services as silos of offerings based on specific application or infrastructure services, IT organizations can leverage CSC to integrate all those services into an integrated platform for enterprise computing.

      As part of those capabilities, CSC plans to deliver single sign-on services, master data management capabilities and security services that can be deployed across federated clouds of services. Initially, the CSC services include hosting of Microsoft and Oracle applications, backup and recovery services, desktop management and a series of related managed services targeted at remotely managing a customer's on-premise systems.

      The Economist print edition takes up the vendor lock-in issue in its Unlocking the cloud post of 5/28/2009:

      Open-source software has won the argument. Now a new threat to openness looms. …

      The obvious answer is to establish agreed standards for moving data between clouds. An industry effort to this effect kicked off in March. But cloud computing is still in its infancy, and setting standards too early could hamper innovation. So buyers of cloud-computing services must take account of the dangers of lock-in, and favour service providers who allow them to move data in and out of their systems without too much hassle. This will push providers to compete on openness from the outset—and ensure that the lessons from the success of open-source software are not lost in the clouds.


      DaveE said...

      Great post of resources!I would love to attend some deep deep tech training on this stuff but who, where and when? Any ideas?

      --rj said...


      Pluralsight provides training for Azure. Here's a link: