Wednesday, April 28, 2010

New Guidance for Identity & Access Management from the Cloud Security Alliance

This month the Cloud Security Alliance released a document outlining guidance for Identity and Access Management for the cloud, along these points:

- Identity Provisioning
- Authentication
- Federation
- Access Control and User Profile Management
- Identity as a Service (IDaaS)

The document is very good overall. If I had one comment, I'd say it's rather idealistic how it starts from the standards and builds out from there. Many identity management and access control products had APIs other than XACML and SPML, and it could be argued that the real value of a product such as a Cloud Service Broker is that it understands the proprietary protocols used by IdM tools, not just the standards [which the document acknowledges are not always implemented by IdM products].

Today Vordel announced membership of the Cloud Security Alliance, and we're looking forward to helping work on work such as this in the future.

Monday, April 19, 2010

Oracle goes all in on Private Cloud - at Cloud Expo New York

In the program for the Cloud Expo, Microsoft has an advertisment which says it's "All in" for Cloud Computing. But in the Oracle opening keynote, given by Richard Sarwal and Hasan Rizvi, Oracle has shown that it's "All in" for Private Cloud.

The overall goal, as articulated by both Oracle speakers, is to provide an enterprise ready Private Cloud environment.

They described a stack of WebLogic Server and Tuxedo, both leveraging Coherence cache-management, powered by JRockit and HotSpot, and managed by Oracle Enterprise Manager. All of this sits on Oracle Enterprise Linux or Oracle Solaris, which in turn runs on Oracle VM. With this, they said, "Oracle has delivered the Foundation for PaaS". Rather than an enterprise constructing a similar stack on top of an IaaS infrastructure, there is "less to build" by using such a PaaS infrastructure. Both speakers spoke of the benefits of this, in terms of shared pre-built services for security, identity management, and "all the abilities" including scalability and availability. They didn't elaborate on the identity services, but clearly a Security Token Service would be one example.

Two significant announcements were (a) a way to run WebLogic right on the hypervisor which "will take the OS out of the equation" [though a cut-down OS will still be used, for process and thread scheduling and for networking], and (b) the "Oracle Virtual Assembly Builder" which is a GUI environment for creating applications leveraging this PaaS infrastructure. [ Additional note: William Vambenepe has more on these two announcements in his blog post ]

In the spirit of "eating our own dogfood", they gave examples of internal Oracle usage of Private Cloud infrastructure for development and Oracle University internal training (though they acknowledged that this usage has been called "server farms" and "grids" thus far).

And what about Storage as a Service, which many of see as an obvious Cloud play for Oracle? Hasan Rizvi noted that "we know a thing or two about data management", but didn't elaborate...

Thursday, April 15, 2010

CTO Edge podcast on the strategic role of the Cloud Service Broker

Just this Monday I did a podcast interview with Mike Vizard from CTO Edge, about the strategic role which Cloud Service Brokers will play in solving problems of Cloud integration. Mike and his team turned around the podcast production very fast, and it's already available up on the CTO Edge site! I hope you find it useful.

Wednesday, April 14, 2010

SiliconRepublic covers Vordel's 85% revenue increase

John Kennedy from Silicon Republic covers Vordel's recent revenue figures:
In Q1 2010, Vordel added 10 enterprise customers in new markets including retail, human resources and online gaming, as well as generating business in the banking and government sectors.

Some recent new customer signings include the Department of Homeland Security, US Department of Justice, FAA, ASR Nederland, BNP Paribas Fortis Bank, 3, Barclays Bank and an OEM partnership with Bull Group.

The company's rapid growth demonstrates that Vordel has consolidated its position as the premier provider of high-performance, enterprise-level hardware and software products enabling enterprises to confidently deploy SOA and cloud-linked applications.

The company's flagship product, the Vordel Gateway, is widely recognised as the fastest and most powerful SOA appliance on the market today.

The company also offers the Vordel Cloud Service Broker product, enabling a migratory path for large enterprises seeking to leverage cloud computing in a secure and controlled manner. The company is running a pilot invitational program for Vordel Cloud Service Broker.

http://www.siliconrepublic.com/news/article/15840/cio/vordel-grows-revenues-85pc-on-cloud-security-promise
The figures are noteworthy because SOA and Cloud Computing does not benefit every vendor. In the words of Goldman Sachs in their Data Center Techtonics report "A paradigm shift for IT: The Cloud", Cloud Computing can be seen as a "deflationary technology", since it can reduce enterprise IT spend and consolidate large IT spending with a smaller group of large Cloud service providers. However, the shift to Cloud benefits those vendors (such as Vordel) who are drivers of the technology changes, with products such as the Cloud Service Broker which enables an enterprise to make use of Cloud Computing in a controlled and managed manner.

Here is a link to a previous Silicon Republic news article about Vordel, also written by John Kennedy: http://siliconrepublic.com/news/article/15669/cio/vordel-working-with-dell-amazon-to-secure-biz-cloud

Tuesday, April 13, 2010

Security, Availability, and Performance - Sound familiar?

It's worth revisiting the IDC Study on the key challenges facing Cloud Computing. The top three are: Security, Availability, and Performance.



Availability is often seen as being under the general "security" umbrella (e.g. a Denial-of-Service attack affects availability), so #1 and #2 are linked.

#3 on the list, performance, has particular relevance to Cloud Service Broker models, since it is vital that anything which is acting as an intermediary between the consumer and the cloud must not introduce undue latency. This is also a consideration in the world of SOA, where intermediaries (an XML Gateway) must be high-performance, and must also, in fact, offload functionality from applications (thus providing acceleration).

A Cloud Service Broker also addresses the interoperability issues which are seen further down IDC's list, by smoothing over the differences between Cloud APIs, and indeed between different versions of the same Cloud API from the same Cloud provider.