stu nicholls dot com | menu - Professional dropdown #3

click here


Standards make the World Wide Web go around, and by extension, they are important to cloud computing. Standards are what make it possible to connect to the cloud and what make it possible to develop and deliver content.

The technology industry has changed dramatically over the last 10 years. In economic times like these, leading companies are looking to cloud-computing platforms to deliver business functions ranging from packaged business applications to custom application development at a fraction of the time and cost of traditional on-premises platforms. With this growth in enterprise use of cloud-computing comes a corresponding increase in responsibility on the part of vendors to provide cloud-computing platforms that offer outstanding service delivery.
The CIOs of the largest financial and network security companies require that cloud-computing platforms meet the highest standards of service. After all, they're entrusting them with critical corporate data.
Seven standards outlined below. They're the building blocks of the best practices every successful cloud-computing platform should follow:
1. World-class security – Provision world-class security at every level.
2. Trust and transparency – Provide transparent, real-time, accurate service performance and availability information.
3. True multitenancy – Deliver maximum scalability and performance to customers with a true multitenant architecture.
4. Proven scale – Support millions of users with proven scalability.
5. High performance – Deliver consistent, high-speed performance globally.
6. Complete disaster recovery – Protect customer data by running the service on multiple, geographically dispersed data centers with extensive backup, data archive, and failover capabilities.
7. High availability – Equip world-class facilities with proven high-availability infrastructure and application software.


1. World-Class Security

Security is more than just user privileges and password policies. It's a multidimensional business imperative, especially for platforms that are responsible for customer data. Cloud-computing platforms must have detailed, robust policies and procedures in place to
guarantee the highest possible levels of:

2. Trust and Transparency


3. True Multitenancy

Leading Web applications—including Google, eBay, and Salesforce CRM—run on a single code base and infrastructure shared by all users. A multitenant architecture allows for high scalability and faster innovation at a lower cost. Single-tenant systems,
on the other hand, are not designed for large-scale cloud-computing success. The internal inefficiencies of maintaining a separate physical infrastructure and/or separate code lines for each customer make it impossible to deliver quality service or innovate quickly. Multitenancy provides customers with the following benefits:

4. Proven Scale

With any cloud-computing service, customers benefit from the scale of the platform. A larger scale means a larger customer community, which can deliver more and higher-quality feedback to drive future platform innovation. A larger customer community also provides rich opportunities for collaboration between customers, creating communities that can share interests and foster best practices. Cloud-computing platforms must have:

5. High Performance

Cloud-computing platforms must deliver consistent, high-speed systems performance worldwide and provide detailed historical statistics to back up performance claims, including:

6. Complete Disaster Recovery

Platforms providing cloud-computing services must be flexible enough to account for every potential disaster. A complete disaster recovery plan includes:

7. High Availability

Any platform offering cloud-computing applications needs to be able to deliver very high availability.
Requirements for proving high availability include:




A cloud application is the software architecture that the cloud uses to eliminate the need to install and run on the client computer. There are many applications that can run, but there needs to be a standard way to connect between the client and the cloud. In this section we'll take a closer look at the protocols that are used to manage connections between both parties.

Computers need a common way to speak with one another. Think of it like talking on the telephone to someone who doesn't speak English and you don't speak their language. There's no way to achieve a common understanding. You may be able to guess a word here or there, but for the most part, the conversation won't work. Computers can't even guess a common word, so without a language in common, that communication won't happen.

To get a web page from your cloud provider, you'll likely be using the Hypertext Transfer Protocol (HTTP) as the computing mechanism to transfer data between the cloud and your organization. HTTP is a stateless protocol. This is beneficial because hosts do not need to retain information about users between requests, but these forces web developers to use alternative methods for maintaining users' states. For example, when a host needs to customize the content of a web site for a user, the web application must be written to track the user's progress from page to page. The most common method for solving this problem is sending and receiving cookies.

The Extensible Messaging and Presence Protocol (XMPP) is being talked about as the next big thing for cloud computing. The problem is that current cloud services—including SOAP and other HTTP-based protocols—are all one-way information exchanges. This means that clouds do not operate in real time and might have difficulties clearing a firewall. XMPP allows for two-way communication and eliminates polling.

Securing your cloud sessions is especially important as security is one of the top reasons Businesses are reluctant to join the cloud. Securing your cloud sessions can be accomplished via encryption and authentication. The most prevalent means of web encryption comes standard on every browser. Authentication is another matter, with several options open to you. Here we'll talk about the widely used Secure Sockets Layer (SSL) for Encryption, and one means of authentication, OpenID.

The last time you bought something from your favorite online retailer, you passed along your credit card information, probably using Secure Sockets Layer (SSL). SSL is the standard security technology for establishing an encrypted link between a web server and browser. This ensures that data passed between the browser and the web Server stays private.
To create an SSL connection on a web server requires an SSL certificate. When your cloud provider starts an SSL session, they are prompted to complete a number of questions about the identity of their company and web site. The cloud provider's computers then generate two cryptographic keys—a public key and a private key.
The public key does not need to be secret and is placed into a Certificate Signing Request (CSR). This is a file that contains your details. You then submit the CSR. During the SSL certificate application process, the certification authority will validate your details and issue an SSL certificate, containing your details, allowing you to use SSL. The cloud provider will then match your issued SSL certificate to your private key. Your web browser will be able to establish an encrypted link between your computer and the cloud provider.



Cloud Computing: A Practical Approach By

Anthony T. Velte
Toby J. Velte, Ph.D.
Robert Elsenpeter

The Seven Standards of
Cloud Computing Service Delivery
By Sales

NIST Cloud Computing
Standards Roadmap
National Institute of Standards and
Technology (NIST)


Google Images


Our aim is to provide information to the knowledge seekers. 

comments powered by Disqus
click here
click here