Wednesday, August 05, 2009

Windows Azure and Cloud Computing Posts for 8/3/2009+

Windows Azure, Azure Data Services, SQL Azure Database and related cloud computing topics now appear in this weekly series.

 

• Update 8/4 and 8/5/2009: Added initial Azure sessions at PDC 09, move out of USA – Northwest data center, Geneva for Azure and other additions.

Note: This post is updated daily or more frequently, depending on the availability of new articles in the following sections:


Azure Blob, Table and Queue Services

• Dion Hinchcliffe brings his analytical chops to bear “on what businesses can do with that most precious asset they’ve developed at enormous expense over the years: their data” in his The future of enterprise data in a radically open and Web-based world post to ZDNet’s Enterprise Web 2.0 blog of 8/5/2009:

… Open data holds up the promise of instant connectivity between arbitrary numbers of ad hoc partners while at the same time reducing integration costs, improving transparency, harnessing external innovation, and even (perhaps especially) creating entirely new and significant business models. I sometimes refer to these as “open supply chains”, and the term is highly descriptive when it comes to the potential for open data models to make cloud computing safe and interoperable, help journalists to do their jobs better, or create multi-million dollar new lines of business, such as Amazon’s well-known Web Services division. …

• Ryan Dunn released his Windows AZure Tool (wazt) for blobs, tables, and queues to the MSDN Code Gallery on 8/5/2009. See the Live Windows Azure Apps, Tools and Test Harnesses section for more details.

Ryan Dunn’s Windows Azure Storage Overview 00:07:01 video segment appeared on Channel9 on 8/3/2009:

A key component of any cloud computing offering is durable storage.  Windows Azure provides 3 forms of durable storage: tables, blobs, and queues.  Join me as we explore the highlights of these 3 important implementations.

See the Windows Azure Infrastructure section for Ryan’s other recent video segment. Thanks to David Aiken for the heads-up at New Windows Azure presentations.

David Linthicum recommends When it comes to data and cloud computing, think proactively and says “Where you place data within your cloud computing service is more important than you may know” in this 8/3/2009 article for InfoWorld CloudComputing.

Data is moving to the cloud and has been for some time. However, when considering moving large data sets around the Internet, cloud to cloud or cloud to company, you have to consider the architectural trade-offs. And there are several.

The core issue is that data residing in the cloud is perfectly fine, when considering performance and integrity, as long as it's within the same domain as the core applications and the processes that use the data. Thus, if your data resides on Amazon's EC2, the best approach is to place your applications and processes there as well.

The upshot is to use Azure’s geolocation services to ensure that data and computing operations occur in the same data center.


SQL Azure Database (SADB, formerly SDS and SSDS)

• Walter Pinston’s The Importance of Cloud Abstraction post of 8/5/2009 claims “.NET developers can leverage their existing SQL Server database skills when developing against the Azure platform” and continues:

My colleague, Peter Palmieri, just penned a blog post about Microsoft’s recent announcement that the Azure platform will offer extensive and familiar relational database features via SQL Data Services (SDS).

In his post, Leveraging Skills, Peter discusses the fact that .NET developers will be able to leverage their existing SQL Server database skills when developing against the Azure platform. In doing so, he has touched upon what I think is Microsoft’s most strategic advantage in the realm of cloud computing. Microsoft has a ready-made ecosystem and developer community from which to draw its consumer innovators and early adopters. And I believe it plans on leveraging that advantage to vanquish the competition. The sheer breadth and depth of these cloud consumer first-movers may prove to be game-changing.

Of course, leveraging “existing SQL Server database skills” was the purpose of moving from the original Authority, Container, Entity (ACE) data model to a more conventional RDBMS.

Ken North questions Databases in the Cloud: Elysian Fields or Briar Patch? in his five-page article for Dr. Dobb’s Journal. Table of contents:

The SQL/XML Databases topic is especially interesting because it covers so many commercial RDBMSs in extreme-traffic environments.

See David Linthicum’s When it comes to data and cloud computing, think proactively article of 8/3/2009 in the Azure Blob, Table and Queue Services section. His advice also applies to SADB instances.


.NET Services: Access Control, Service Bus and Workflow

Matt Milner has written A Developer's Introduction to Windows Workflow Foundation (WF4) in .NET 4 Beta 1 for the MSDN Library:

… In version 4 of the Microsoft® .NET Framework, Windows Workflow Foundation introduces a significant amount of change from the previous versions of the technology that shipped as part of .NET 3.0 and 3.5. In fact, the team revisited the core of the programming model, runtime and tooling and has re-architected each one to increase performance and productivity as well as to address the important feedback garnered from customer engagements using the previous versions. The significant changes made were necessary to provide the best experience for developers adopting WF and to enable WF to continue to be a strong foundational component that you can build on in your applications. I will introduce the high level changes here, and throughout the paper each topic will get more in depth treatment. …

Matt’s article, which comes highly recommended by Mike Taulty, will show you what to expect when .NET Services regains its workflow component after .NET 4 RTMs next year.

Aaron Skonnard’s A Developer’s Introduction to Windows Communication Foundation (WCF) .NET 4 Beta 1 is a companion article about Windows Communication Foundation (WCF).

Both Matt and Aaron are Pluralsight instructors.

Vittorio Bertocci’s A Guide for Enabling Federated Authentication on Windows Azure WebRoles… using Windows identity Foundation post of 8/5/2009 provides step-by-step instructions for using Geneva with Azure:

In order to help you with that Hervey, architect on the Federated Identity team, took a good look at the current bits at your disposal (Windows Azure July 2009 CTP, Geneva Framework Beta 2) and developed some code extending Windows Identity Foundation [that] can help you to overcome some of the incompatibilities so that you can experiment with claims based identity in Windows Azure.

Then I took that code and made it into a step-by-step guide, that can be used by *anybody* for enabling passive federation in a Windows Azure WebRole for experimental purposes and can be used by identity experts for gaining insights on what are the attention points that require workarounds in the currently available bits. …


Live Windows Azure Apps, Tools and Test Harnesses

• Ryan Dunn released his Windows AZure Tool (wazt) to the MSDN Code Gallery on 8/5/2009. According to Ryan:

Windows Azure Tool (wazt) is a command line tool for working with Windows Azure. Today, this tool works with the storage services (blobs, queues, and tables). This tool was inspired by the Sitka Tool (st) from the SQL Azure team (long deprecated now).

Global Switches

  • /? or /help Get help for command
  • /verbose verbose output
  • /key:<base64Key> Storage Key to use (overrides persisted keys)
  • /local Connects to local storage services

Commands

  • wazt [command] /?
  • wazt list - list containers, blobs, queues, or tables
  • wazt add - create containers, blobs, queues, or tables
  • wazt delete - delete containers, blobs, queues, or tables
  • wazt update - update containers, blobs, or queues
  • wazt get - retrieve blobs or entire containers
  • wazt save - persist storage key securely

• Mike Ormond’s Getting Up and Running with Windows Azure post of 8/5/2009 is an illustrated guide to creating a simple “Hello World” Web Role in the local development environment with the Windows Azure SDK July 2009 CTP.

• Maarten Balliauw describes Accessing ServiceConfiguration in FastCGI (PHP) web role in this 8/4/2009 post:

While working on a sample PHP application hosted on Windows Azure, I found that it is nearly impossible to retrieve information from the Windows Azure ServiceConfiguration.cscfg file. Also, it is impossible to write log messages to the Windows Azure Web Role. Well, both are not 100% impossible: you can imagine dirty hacks where you let an ASP.NET page do something from PHP and stuff like that. But how about a clean solution? How about… A PHP extension module?

Maarten Balliauw reports via an 8/3/2009 Tweet that he’s “checked in support for queue service + documentation” to the PHP SDK for Azure project on CodePlex for Milestone 3:

Milestone 3: August 21, 2009 (Final)
This release will focus on Windows Azure queue storage as well as final release of the full PHP SDK for Windows Azure.
The following features will be included:
  • List Queues - Lists all queues under the given account.
  • Create Queue - Creates a new queue under the given account.
  • Delete Queue - Deletes a queue.
  • Get Queue Metadata - Returns queue properties, including user-defined metadata.
  • Set Queue Metadata - Sets user-defined metadata on the queue.
  • Put Message - Adds a message to the queue.
  • Get Messages - Retrieves a message from the queue and makes it invisible to other consumers.
  • Peek Messages - Retrieves a message from the front of the queue, without changing the message visibility.
  • Delete Message - Deletes a specified message from the queue.
  • Clear Messages - Clears all messages from the queue.

Kevin Jackson’s Sevatec a New Player in the Federal Cloud Computing Market post of 8/3/2009 announces:

Just in time for the new Federal Cloud Computing Storefront, Sevatec, Inc. is announcing the development of a toolkit to help federal agencies transform their enterprise architectures to cloud computing more effectively and seamlessly. With last week's General Services Administration (GSA) Request For Quotation (RFQ) release for the US Federal Cloud Computing Initiative, Sevatec may be positioning itself well. As part of the GSA Federal Supply Service Schedule 70, the RFQ process will grant agencies direct access to pre-authorized, commercial experts capable of delivering cloud computing products and services.

Carl Brooks interviews Brent Stineman and Rob Gillen about a forthcoming application deployment API for Windows Azure in Brooks’ Automation and monitoring coming for Windows Azure developers post of 7/31/2009.


Windows Azure Infrastructure

• My Mystery Move of Azure Services Out of USA – Northwest (Quincy, WA) Data Center post of 8/4/2009 speculates about the “local tax” issue that caused the Azure team to “disable the ‘USA – Northwest’ option for new [Azure] applications.”

Rich Miller picked up the preceding post and wrote Microsoft Migrates Azure, Citing Tax Laws on 8/5/2009 for the Data Center Knowledge blog.

Mary Jo Foley says in her Tax concerns to push Microsoft Azure cloud hosting out of Washington state post of 8/5/2009:

I’ve asked Microsoft for more information on this, including what is going to happen to its Quincy datacenter. I’m also asking whether the decision to move the Azure-hosted apps out of Quincy will stand if a tax exemption comes to pass. If and when I receive responses to these questions from Microsoft, I’ll update this post.

So will I.

• Joe McKendrick’s brief Another sign that SOA and cloud keep drawing closer post of 8/5/2009 claims:

More signs that “SOA” and “cloud” are becoming more synonymous: The 2nd International SOA Symposium, to be held in Rotterdam, Netherlands this October also includes a co-located “International Cloud Symposium.”

As Thomas Erl, event organizer, explains it, the symposium’s theme of ‘The Future of Cloud Computing’ “highlights many of the modern technology innovations that are being developed in support of Cloud-based services and the ever-widening convergence between SOA and Cloud-based services.” Thomas also mentions that he and some colleagues will soon be starting on a new book titled “SOA and Cloud Computing.”

See the Cloud Computing Events section for more details.

• David Linthicum asks Will Cloud Computing Kill the Data Center? in this 8/5/2009 Intelligent Enterprise post. He answers:

Probably not. While cloud computing is a great fit for some applications, and/or other architectural components, it typically won't be a fit for all applications and/or architectural components. There will always be some data, services, processes, and complete applications that you want to keep within your firewall for a number of reasons, including: Compliance, privacy, fear, control, and cost.

Reuven Cohen claims Cloud Singularity is Nigh in this 8/5/2009 post. I don’t buy it.

• Jay Fry reports on Aneesh Chopra’s 8/4/2009 presentation to Palo Alto’s Churchill Club in this detailed U.S. CTO Chopra: 'What can we deliver in 90 days?' post much later the same day:

For the United States' Chief Technology Officer, the first visit to Silicon Valley is probably a bit like a new Secretary of State's first visit to Russia, China, or the E.U. All eyes are on you (is he a partner? adversary?), sizing you up, wondering who you really are and what change you can possibly bring.

For Aneesh Chopra, who took on the role of U.S. CTO in May, the challenge is even bigger: he's the first-ever U.S. CTO in history, with the opportunity to make or break the role. I attended the Churchill Club event Aug. 4 that was part of his first Bay Area trip to get a sense for what he intends to do.

If this quick snapshot is an indication, he’s a refreshingly charismatic personality, with little interest in waiting for the wheels of government to gradually spin through their normal machinations to deliver some eventual results (maybe). He talked innovation. He talked action. He talked about using quick, simple approaches to gnarly topics like visibility into what the government actually does with its $74 billion IT budget. …

• Reuven Cohen’s The Battle for Cloud Application Neutrality post of 8/5/2009 claims “The concept of Cloud Application Neutrality extends upon the core tenets of the existing network neutrality debate” and continues:

It's hard to believe that it's been a year since we first created the Cloud Computing Interoperability Forum (CCIF) with the goal of defining and enabling interoperable enterprise-class cloud computing platforms through application integration and stakeholder cooperation. Over the last 12 months a lot has happened. For me the most notable change has been how the conversation has shifted from "why use the cloud" & "what is cloud computing" to how to implement it. The need for interoperability among vendors has also become a central point of discussion with the concept being included in recent US federal government cloud requirements. But like it or not the battle for an open cloud ecosystem is far from over. …

• Sarah Perez explains Why Cloud Computing is the Future of Mobile in this 8/4/2009 post to the ReadWriteWeb blog:

The term "cloud computing" is being bandied about a lot these days, mainly in the context of the "future of the web." But cloud computing's potential doesn't begin and end with the personal computer's transformation into a thin client - the mobile platform is going to be heavily impacted by this technology as well. At least that's the analysis being put forth by ABI Research. Their recent report, Mobile Cloud Computing, theorizes that the cloud will soon become a disruptive force in the mobile world, eventually becoming the dominant way in which mobile applications operate.

Ryan Dunn’s What Is Windows Azure? 00:06:29 video segment appeared on Channel9 on 8/3/2009:

Just what is Windows Azure?  Join me in this brief video for an introduction to Windows Azure.  We'll explore its components, the key features, and discuss why you should care.

See the Azure Blob, Table and Queue Services section for Ryan’s other recent Azure video clip. Thanks to David Aiken for the heads-up at New Windows Azure presentations.

• Dmitry Sotnikov wants to normalize Cloud Definitions: NIST, Gartner, Forrester. His 8/4/2009 post favors NIST’s cloud definitions and points to:

…  A related [Forrester] report: “How To Message “Cloud” Offerings And Not Get Lost In The Fog” – arguing that use of the term “Cloud” – vague and overhyped it is these days – can backfire on you and should be avoided. …

• W. David Gardner claims 'Culture' [is the] Biggest Hurdle To Cloud Computing in this 8/3/2009 InformationWeek article:

Most IT executives are sold on the benefits of cloud computing, but many of their colleagues who are business decision makers still need convincing on the value of the technology, according to a survey released Monday.

A total of 28% of IT execs are planning to deploy private computing clouds by the end of 2009, according to the survey results.

The most-cited benefit (41%) of private cloud computing is its perceived ability to improve efficiency. Other benefits mentioned were: "resource scalability," cited by 18%; "cutting costs," 17%; "experimenting with cloud computing," 15%; and "improving IT responsiveness," 9%.

The survey, conducted by grid and cloud provider Platform Computing, detected a major stumbling block for deployment: 76% of the IT executives believe that business decision makers don't understand the potential value of private clouds. …

Scott Fulton, Managing Editor, Betanews, interviews Jamin Spitzer, Director of Platform Strategy, Microsoft in the Microsoft works to claim its own slice of the cloud article of 8/3/2009, which begins:

It would appear to be the most lucrative new platform in all of computing: the "cloud" -- the space on the Internet from which applications and services can be presented to customers without the need for physical location. It was once called the "grid," but the fact that companies other than IBM managed to effectively rechristen the idea speaks to its inability -- along with everyone else's -- to build a clear and concise message around just what the cloud is.

No one really knows, at least not completely. That's the message we've seen thus far from nearly every major vendor in the cloud space, and it's the message we're seeing from Microsoft as well. Even with a full business plan for Windows Azure, the company's platform for .NET Services in the cloud, its own platform evangelist admitted to Betanews that much of the projected purpose for the service still remains a mystery. Microsoft usually undertakes a platform buildout by leveraging its resources from other platforms (Internet Explorer from Windows, SharePoint from Office, Exchange from Outlook, etc.). And it would seem, at least on paper, that Azure would be leveraged from .NET. …

Rob Enderle reports in his Microsoft Financial Analyst Meeting: Stephen Elop, Bob Muglia post of 8/3/2009 that:

Bob really loves Azure, Microsoft’s cloud solution. While it results in a 20 percent savings to customers, the revenue increase to Microsoft is massive and costs are disproportionately small, potentially increasing related margins dramatically. Evidently, at Microsoft, they really love the cloud.

He brought out Debra Chrapaty of Microsoft's Global Foundation Services. She is clearly not used to large audiences. Stage fright set in big time. She walked through the significant work they are doing in their business on-line services, including improvements in energy efficiency, modular construction and cooling. They evidently roll prefabricated containers on truck beds into a preconfigured site and can be up and running with a major server farm in a matter of days at a new site. It is kind of amazing.

I’d have stage fright, too, if I had to face a roomful of financial analysts having received Microsoft’s last quarterly financials.

Lori MacVittie recommends “Apps designed for a cloud should remove the ‘server’ concept,” a Tweet originally posted by John Willis (@botchagalupe) in her Cloud Computing Makes Servers Obsolete post of 8/3/2009. Lori continues:

Rather than referring to a server, we ought to be referring to a resource or a node. I’m partial to node, but that’s because I’m coming at this from an application delivery perspective. Resource, in terms of cloud computing, might be more palatable and accurate to purists but then again we aren’t quite at the point where we’re actually provisioning compute resources. Regardless, moving away from using the term “server” has the effect of removing the emphasis off the physical – or even virtual – server and onto the application or service being delivered. It also better represents the environment as applications really are more akin to nodes in a distributed system in a cloud.


Reuven Cohen reviews the Federal Cloud Computing Initiative by Katie Lewin of GSA presented on June 18, 2009 in his US Federal Cloud Computing Initiative Presentation by GSA post of 8/2/2009:

The no nonsense approach to the cloud terminology is also refreshing. GSA breaks it down into [four] parts:

  • Private Cloud - Operated solely for an organization
  • Community Cloud - Shared by several organizations and supports a specific community that has shared concerns
  • Public Cloud - Made available to the general public or a large industry group and is owned by an organization selling cloud services
  • Hybrid Cloud - Composition of two or more clouds (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability

I found slide 11 (Phased Approach for Delivering Cloud Computing) particularly interesting. It outlines a rather ambitious 9 month strategy to rollout a Government focused SaaS, PaaS and IaaS platform by March 2010.


Cloud Security and Governance

Microsoft’s Virtualization Planet Blog reports Windows Server 2008 Hyper-V earns Common Criteria Certification on 8/5/2009:

There’s been a lot of great news out lately on Hyper-V but I want to highlight an important security related item.  Windows Server 2008 Hyper-V has just received Common Criteria Certification at EAL 4+ assurance.  This certification is vital for many virtualization users, especially government agencies.  You can access the PDF of the certification document here.

It’s interesting that the product received the certification before being released to manufacturing.

• Sarah Perez wonders if The Cloud Isn't Safe?! (Or Did Black Hat Just Scare Us?) in this 8/5/2009 post to the ReadWriteWeb:

At last week's Black Hat USA conference in Las Vegas, a number of security researchers demonstrated new ways of attacking cloud computing services. One of the more notable presentations, "Clobbering the Cloud," looked at the vulnerabilities in Amazon's cloud infrastructure, Apple's MobileMe service, and Salesforce.com's cloud platform. Another demonstration showed how both Microsoft and Amazon used insecure methods for password retrieval. And still another presentation examined how the supposedly secure protocol SSL could be defeated.

But hacks alone aren't the only dangers to be found when moving to the cloud, as the Black Hat presentations quickly made clear. In reviewing the dangers brought up by the researchers, it was enough to make anyone wonder: is cloud computing putting us and our data at risk? [Emphasis Sarah’s]

• Lori MacVittie’s Cloud Changes Cost of Attacks post of 8/5/2009 attempts to quantify the cost of downtime as the result of attacks or other problems:

For some companies there’s never been a quantifiable financial impact from attacks. Cloud may change that.

One of the frustrations with information security is that it’s always difficult – if not impossible – to quantify risk. Without the ability to quantify  risk, it’s often the case that solutions that would mitigate the risk are left unimplemented because there’s no way to prove that the risk would turn into a breach, downtime, or other revenue impacting incident. …

• Reuven Cohen (@ruv) Tweet-votes for Chris Hoff (@Beaker) as the new U.S. Cybersecurity Czar on 8/5/2009. Melissa Hathaway, a senior intelligence official who completed the administration's cybersecurity review in April, said she has stepped down for personal reasons, according to The Wall Street Journal.

Eric Chabrow’s Cyber Czar Waiting Game post of 8/4/2009 suggests a more significant stumbling block to filling the job:

[H]aving two bosses, each with strong personalities and their own power centers in the White House. Who would want two bosses like that?

I wouldn’t.

Eric Chabrow describes his podcast interview with Howard Schmidt in his Confront the IT Security Challenge - Interview with Cybersecurity Sage Howard Schmidt post of 8/4/2009:

Little wonder that Howard Schmidt's name is on every list of prospective White House cybersecurity czar. In the field of IT security, Schmidt has done it all.

He spent more than 30 years in public service, including a stint as a White House special adviser on cyberspace security and as chief strategist for the US-CERT Partners Program at Homeland Security. He serves on an IT privacy board that advises the National Institute of Standards and Technology, the Commerce Department and White House.

In the private sector, Schmidt has held top IT security posts at Microsoft and eBay. An author of two IT security books, Schmidt has academic affiliations with Georgia Institute of Technology, Carnegie Mellon and Idaho State University.

Schmidt is the first and current president of the Information Security Forum, an independent, not-for-profit association aimed at harnessing the brainpower of public and private-sector experts in IT security and risk management.

It’s clear that Schmidt represents serious competition for @Beaker.

• John Pescatore asks Is OpSec An Endangered Species? in this 8/5/2009 post to the Gartner Blog Network:

Yesterday’s “Twelve Word Tuesday” post (“If humans use a technology, businesses employing humans will contain, not block”) was in reference to reports that, in response to security issues, the US DoD Strategic Command was looking into the security issues of allowing military use of social networks. This announcement came at about the same time the US DoD Principal Deputy Assistant Secretary of Defense for Public Affairs (or, as his close friends call him, Pdas Dpa) was touting DoD use of social media.  This is happening at most government agencies, where the Obama administration has put “new media” officers in most Departments Public Affairs office to drive government engagement with citizens through social media, Web 2.0 and the like. …

• Vivian Yeo’s Put security, savings on par in cloud post of 8/5/2009 for ZDNet Asia quotes PGP Corporation’s CEO, Philip Dunkelberger:

"[In trying to balance] efficiency and economics in a very tough economic time, I think what might suffer--if people aren't careful--is the security of the data you're passing between the cloud provider and your own environment," said Dunkelberger.

He added: "You don't want to lose all your cost savings by having a data breach [and] by getting into a costly jurisdictional battle over the right of government to review the data you might be storing in somebody's data center, and who has access to it."

According to Dunkelberger, the security capabilities of current cloud computing providers range from "excellent to poor". Cloud players that truly understand security concerns have comprehensive plans, while others simply point to service level agreements. "There's a big distance between somebody specifically telling you how they are going to protect your data, and somebody saying it's in the contract," he pointed out.

PGP is a charter founding member of the Cloud Security Alliance, which put forth a best practices guidance document in April.

• Kevin Skapinetz posits Cloud computing security: A requirement, not an afterthought in this 8/5/2009 article for the SC Magazine site:

Cloud computing blends creative, technical, and economic possibilities. To some, it involves techno-hyperbole and comparisons to disruptive innovations of our past. To others, it represents a paradigm shift -- one that complements the world's ever-increasing devices, data and communications. Unless you're a die-hard skeptic, it's hard not to get excited.

Security professionals, however, whose deep-rooted skepticism is often a necessary evil of the job, focus on the cloud's potential to add new complexity, risk, and points of exploitation into their IT infrastructures. These concerns usually stem from two key aspects of cloud computing – storing data on someone else's hardware and the sharing of that infrastructure with other users on a massive scale.

Kevin is a technology strategist for IBM Internet Security Systems.

• Reuven Cohen’s A Trusted Cloud Entropy Authority post of 8/4/2009 builds on a recent Forbes magazine article that voices concern about the creation of sufficiently random numbers to encrypt data securely:

This is an incomplete thought, but I thought I'd take a moment to describe it a bit. In a recent article on Forbes a group of security researchers have brought to light one of the stranger problems that could potentially undermine cloud computing's cyber / cloud security, apparently it's not chaotic enough.

The [F]orbes article describes "a presentation Thursday at the Black Hat cybersecurity conference in Las Vegas, iSec Partners researcher Alex Stamos pointed to what he described as a fundamental problem with cloud computing setups that use virtualization software to partition servers into "images," which are then rented out to customers. Although packing those virtual machines into cloud providers' data centers provides a more flexible and efficient setup than traditional servers, Stamos, along with fellow presenters Andrew Becherer and Nathan Wilcox, argued that virtual machines suffer from a rarely discussed flaw: They don't always have enough access to the random numbers needed to properly encrypt data." …

This is a very interesting problem. Although not specifically cloud related, it certainly could have implications for virtualization based infrastructure. One of the more insightful ideas to combat the lack of "entropy" comes from a comment on slashdot by Brian Gordon.

Gordon says "How about getting signed entropy from a trusted server on the network/internet?"

Gordon's comments did get me thinking, maybe there is an opportunity to create a trusted cloud authority to provide signed verified and certified entropy. Think of it like a certificate authority (CA) but for chaos. Actually, Amazon Web Service itself could act as this entropy authority via a simple encrypted web service call. I even have a name for it, Simple Entropy Service (SES).

Reuven Cohen fights The Battle for Cloud Application Neutrality in this 8/4/2009 post:

… In a BusinessWeek article Spencer Ante notes that "The future of the wireless Web may be at stake. As in there are two different Internets: the open landline Internet and the controlled wireless Internet." Similarly I believe the problem isn't just limited to wireless providers, a similar dichotomy exists within the emerging cloud service provider ecosystem. Cloud computing is at a crossroads and faces the very real potential of becoming a series of "wall gardens" where information and capacity exists behind a series of proprietary API's and application storefronts. We need to take steps now to make sure this doesn't happen.

• Kevin Jackson introduces Sevatec, a New Player in the Federal Cloud Computing Market on 8/4/2009:

Just in time for the new Federal Cloud Computing Storefront, Sevatec, Inc. is announcing the development of a toolkit to help federal agencies transform their enterprise architectures to cloud computing more effectively and seamlessly. With last week's General Services Administration (GSA) Request For Quotation (RFQ) release for the US Federal Cloud Computing Initiative, Sevatec may be positioning itself well. As part of the GSA Federal Supply Service Schedule 70, the RFQ process will grant agencies direct access to pre-authorized, commercial experts capable of delivering cloud computing products and services. …

Chris Hoff (@Beaker) rereleases his 10/27/2007 You Want the Truth? You Can’t Handle the Truth… saga, adapted from the script of "A Few Good Men", about “the unnatural attachment to implementing technology rather than solving business problems right after a botched cover-up of (and if this isn’t serendipity…) a ‘Code Red’” in his Colonel Jessup, Did You Order the Cloud Dead!? post of 8/3/2009:

Jessep: You want answers about securing the Cloud?
Kaffee : I think I’m entitled to them. …

Kaffee: Did you order the Cloud dead?
Jessep: You’re goddamn right I did!!


John Treadway’s Skytap Does Window[s] (7) post of 8/3/2009 reports:

Skytap announced today a Windows 7 cloud-based testing solution for ISVs and corporate developers. Testing is one of the oft-cited use cases for cloud computing in the enterprise. For many companies the cost of provisioning and managing testing infrastructure can be very expensive. With Windows 7 due in a few months, and many reviewers giving it big thumbs up over Vista, there may be a huge opportunity for Skytap to help companies get ready for this conversion.

If you are an ISV or corporate development organization needing to support Windows 7, you should check out Skytap.

Jonathan Zittrain replies to Bernard Golden’s CIO article in Computerworld’s Cloud Debate: Zittrain Counters CIO.com Criticism article of 8/3/2009. Zittrain says:

CIO - Consultant Bernard Golden has some intense reactions to my recent piece in the New York Times on cloud computing. In it I shared some basic worries-and one advanced worry-to be dealt with. I'll boil them down a little further here.

The basics: privacy, security, and data portability. When your data is in someone else's hands, it's given less protection under the law than if it were on your hard drive. E-mail in Outlook is given more protection from government surveillance than e-mail at Gmail. That's an unfair tilt in the playing field against cloud enterprises, and the law ought to be fixed.

Felix Gaehtgens’ Microsoft: minimum disclosure about minimum disclosure post of 8/3/2009 complains:

Well – it’s been a year [since Microsoft acquired U-Prove], and the only “minimum disclosure” that we can see is Microsoft’s unwillingness to talk about it. The debate is heating up around the world about different governments’ proposals for electronic passports and ID cards. Combined with the growing dangers of identity theft and continued news about spectacular leaks and thefts of personal information, this would really make our days. Unless you’re a spammer or identity thief of course.

You can read more about U-Prove’s minimal disclosure technology and Microsoft’s intention to incorporate its technology into Geneva here.

Andre Yee asks Cloud Computing Security Risks - Are They Real? in this 8/1/2009 post which covers the following topics:

    • Encrypting Data-at-Rest
    • Security Policy Control
    • The Human Factor


Cloud Computing Events

Microsoft’s Professional Development Conference (PDC) 2009 team has posted abstracts of the first few Azure-related sessions for PDC 2009, to be held November 16 thru 19, 2009 at the Los Angeles Convention Center.

Nigel Ellis: Development Best Practices and Patterns for Using Microsoft SQL Azure Databases - SQL Azure provides a fully relational database service that is based on Microsoft SQL Server and familiar concepts such as T-SQL, schema-based tables, and stored procedures. Learn patterns and best practices for developing resilient applications that allow you to take full advantage of the scale and elasticity of SQL Azure Database Service.

Steve Marx: Building Applications for the Windows Azure Platform - Come hear how the Windows Azure Platform provides a scalable compute and storage environment with Windows Azure, a fully relational database with SQL Azure, and a service bus and access control service with the Microsoft .NET services. Learn about these new services and see several demos that show how to build applications that run in and take advantage of Microsoft’s new cloud platform.

Andrew Bybee: Developing xRM Solutions Using Windows Azure - Come learn how Microsoft Dynamics CRM can be used to rapidly develop on-premises or services-based "anything" Relationship Management (xRM) applications on the Microsoft platform. See how to develop high scale, connected business solutions that extend to the cloud using current and future versions of the xRM platform and Windows Azure.

Chris Auld: Architecting and Developing for Windows Azure - The workshop will focus on equipping attendees with the skills to architect and develop real world applications using Windows Azure. Going beyond ‘demo-ware’ we will examine the theory and technical implementation of large scale elastic applications. It is expected that attendees will have some prior experience with Windows Azure and the Azure Services Training Kit is a recommended pre-requisite.

During this full-day workshop, we will discuss approaches to delivering the best raw performance from our Windows Azure applications, and how to achieve linear scale-out through the use of additional instances. We will also discuss data management approaches using Windows Azure and SQL Azure’s partitioning capabilities. Lastly, we will examine patterns for deploying Windows Azure applications reliably and with minimal or no impact on the end user experience, and the security environment within which Windows Azure operates, along with ways to provide a bridge between on-premises and cloud based identity assets and applications.

The early-bird registration fee is US$1,595 before 9/15/2009. Regular fee is US$2,095 after 9/15/2009. The site doesn’t say what the fee would be if paid on 9/15/2009. The workshop fee is US$395 with conference registration, US$495 without.

When: 11/16-11/19/2009 (Including workshops on 11/16/2009) 
Where: Los Angeles Convention Center, 1201 South Figueroa Street, Los Angeles, CA USA

Mike Swanson and Jennifer Ritzinger will bring you a weekly 10-minute Channel9 video update, Countdown to PDC09: 10 Minutes Gets You the Goods:

The PDC crew will share with you what’s new in the planning process, and will feature interviews with speakers and team members working on the conference.  In the inaugural Countdown episode for PDC09, we cover what the PDC is about, who goes, keynotes, pricing, and a whole lot more until the timer rings telling us we are out of time.

• Reuven Cohen reports in his U.S. DoD Holding Cloud Computing "Show & Tell" Workshop post of 8/5/2009:

For anyone not currently working with US Department of Defense, but are interested in offering the DoD cloud computing & related network technology. The Defense Venture Catalyst Initiative (DeVenCI) will conduct a workshop this October in the Baltimore MD / Washington DC area to help discover emerging technologies relevant to the Department of Defense (DoD) Global Information Grid (GIG). The workshop will provide selected innovative companies who do not normally conduct business with the Department of Defense with an opportunity to make short presentations to DoD representatives about their technologies and products. …

Companies interested in applying for participation in this workshop should contact DeVenCI via e-mail at devenci@osd.mil for an application. All applications must be received on or before August 7, 2009. Selected companies will be responsible for their travel and all other expenses associated with participation in this workshop which will be held in the October timeframe. [Emphasis added.]

When: October 2009 (TBD) 
Where: Baltimore, MD or Washington DC, USA

• SOASymposium will colocate the 1st International Cloud Symposium with the 2nd International SOA Symposium at the Rotterdam World Trade Center on October 22-23, 2009 with preceding “Cloud Computing and SOA Workshops” on October 19-21, 2009. The workshops will offer the following courses:

When: 10/19-10/23/2009 (Including workshops on 10/19 – 10/21/2009) 
Where: Rotterdam World Trade Center, Rotterdam, Netherlands

• Forrester Research will present a Creating Your Enterprise Cloud Computing Strategy workshop on September 30, 2009 in Dallas, TX:

Cloud computing lets companies access pay-per-use Internet technology services without needing knowledge of, expertise with, or control over the infrastructure that supports them, yielding significant economies of scale. This Workshop helps the critical IT players (IT Infrastructure & Operations professionals, Application Development & Program Management professionals, Enterprise Architecture professionals, and CTOs) formulate a winning cloud computing adoption plan.

In this Workshop, Forrester analysts John Rymer and James Staten will help you capture the benefits of cloud computing by teaching you how to:

  • Add the right cloud elements to your portfolio of IT services to optimize efficiencies
  • Design a realistic adoption plan
  • Set policies for cloud use - and position this new class of platform products
  • Avoid the risks of availability, security, and vendor lock-in

View a detailed agenda.

Registration fee is US$1,975.

When: 9/30/2009 
Where: Dallas, TX USA

• Kevin Jackson reports NCOIC Holding Full Day Cloud Computing Session in his 8/5/2009 post:

The Network Centric Operations Industry Consortium (NCOIC) will be holding a one-day cloud computing session during its plenary meetings, 21-25 September at the Fair Lakes Hyatt in Fairfax, VA. A complimentary workshop on NetCentric Patterns will also be held Wednesday morning that week.

The NCOIC is a unique collaboration of premier leaders in the aerospace, defense, information technology, large-scale integrator and services industries. The Consortium works in tandem with customers from around the world, each with a specific mission, to provide a set of tools that enable the development of network centric capabilities and products. An example of the consortium's unique capabilities is the recent agreement between NCOIC and the U.S. Federal Aviation Administration (FAA) to advance the Enterprise Architecture of NextGen, FAA’s national airspace (NAS) transformation program. The NCOIC will analyze and evaluate NextGen’s enterprise architecture views, products, plans, net-centric patterns and operational concepts. Working collaboratively, its members will develop “voice of industry” recommendations about applying net-centric standards to the NextGen procurement, as a way to achieve interoperability in the NAS and, potentially, the skies beyond U.S. borders. …

Registration for the plenary [session] is now available at https://www.ncoic.org/events/plenaries_council/.

When: 9/23/2009 
Where: Fair Lakes Hyatt hotel, Fairfax, VA USA

• Chris Harding posted Notes from CloudCamp and The Open Group in Toronto to the Cloud Camp Google Group on 8/5/2009:

… The direction of the group is determined by Open Group members, but you don't have to be a member to participate - everyone can join in the discussions. You can find out more at http://www.opengroup.org/cloudcomputing

The CloudCamp was ably led by Scott Radeztsky. We started with a general session in which Scott welcomed everyone and invited volunteers to step forward to give brief lightning talks and answer audience questions in an unpanel. He then identified 16 topics of interest for which volunteers offered to moderate unconference sessions. …

• Barb Mosher announces an upcoming Webinar about cloud-based content management systems (CMS) in her The Economics of SaaS Enterprise CMS, Making ROI Sense post of 8/3/2009:

Join in this [Webinar] Thursday at 1:00 PM Eastern time for a complimentary one-hour live webinar. The host will be Dan Carmel, a respected content management authority.

Dan will be discussing:

  • Factors that go into calculating the total cost of ownership (TCO)
  • Costs and benefits of SaaS vs on-premises software
  • How to achieve high return on investment while reducing risk
  • Who’s buying SaaS solutions, and why
  • When SaaS is not the right answer

Dan will also talk about SaaS integration strategies that drive ROI by leveraging other SaaS and on-premise applications such as SharePoint and Force.com.

When: 8/6/2009, 10:00 AM PDT 
Where: Internet. Register now for The Economics of SaaS vs. On Premises Solutions Webinar.

• IDG announces the simultaneous presentation of Open Source World (formerly Linux World), Next-Generation Data Center and Cloud World conferences at San Francisco’s Moscone Center West on August 12-13, 2009.

Haroon Meer, Nick Arvanitis and Marco Slaviero presented Clobbering the Cloud! (“Using and Abusing the Cloud”) at the Black Hat USA 2009 conference. You can see the session slides here.


Other Cloud Computing Platforms and Services

• James Manyika, a McKinsey director, interviews Cisco’s John Chambers in this July 2009 McKinsey conversations with global leaders: John Chambers of Cisco video and transcript. Site registration might be required.

John Foley reports in his Amazon Outpaces Google In Part Of The Cloud post of 8/3/2009 to InformationWeek’s Plug Into the Cloud blog:

New analysis of infrastructure-as-a-service providers shows that Amazon Web Services is used for Web hosting by 20 times more sites than Google App Engine. AWS usage for site hosting grew 9% in just one month this summer, the equivalent of a 181% annual growth rate.

The analysis was done by Guy Rosen, founder of a stealth-mode cloud startup called InfiBase, which used proprietary scanning tools to analyze the top 500,000 Web sites indexed by Quantcast. InfiBase was looking for usage data on five cloud services: Amazon EC2, GoGrid, Google App Engine, Joyent, and Rackspace's Slicehost.

Amazon EC2 ranked highest, in use by 1,550 of the half-million sites analyzed, followed by Rackspace Cloud Servers (1,373 sites), Joyent (205 sites), Google App Engine (78 sites), and GoGrid (42 sites). Parsing the data, InfiBase determined that the number of Web sites hosted on Amazon EC2 grew 9% from July to August. It also found that 178 sites were new to EC2 in the past month, while 50 sites dropped EC2, indicating a churn rate roughly of one lost customer for every three that Amazon signs. …

Neither Amazon nor Google publishes statistics for its IaaS and PaaS operations, which makes the preceding information more valuable.

Alex Luft’s Cutting The Cord: What Apple Will Really Do With Its $1 Billion Server Farm post of 8/3/2009 claims:

Earlier in May, word got out that Apple is planning to invest $1 billion in a server farm. The facility, to be located in the State of North Carolina, will follow a similar (albeit smaller) $600 million undertaking by Google. As could be expected, analysts, bloggers, and the Twitterverse the world over speculated about the possible uses for the investment, but I don’t think anyone hit the nail squarely on the head. I think Apple will use its new server farm to completely cut the cord between its iPhone product line and the desktop. And it will do so in a big way. [Emphasis Alex’s.]

John Furrier writes in Cloud Collision – The Angle on Why Dr. Eric Schmidt Is History from Apple’s Board of Directors on 8/3/2009 for siliconANGLE:

[Schmidt’s resignation] is about future strategy of Apple and Google. Board conflict is just the general issue that seems to get everyone’s attention. It’s not about that. It’s about the “Cloud Collision”.  …

Here it’s very simple Apple and Google clash on not so much today but strategy going forward – the next 5 years. It’s clear the smartphone issue is obvious but what isn’t is the future of who powers the smartphone apps?

It’s not just the smartphone and the recent Google Voice FCC lobbied investigation (as many top bloggers have pointed out). Instead the battlefield is the “cloud play”.

