Standards


Standards make the World Wide Web go around, and by extension, they are important to cloud computing. Standards are what make it possible to connect to the cloud and what make it possible to develop and deliver content.


The technology industry has changed dramatically over the last 10 years. In economic times like these, leading companies are looking to cloud-computing platforms to deliver business functions ranging from packaged business applications to custom application development at a fraction of the time and cost of traditional on-premises platforms. With this growth in enterprise use of cloud-computing comes a corresponding increase in responsibility on the part of vendors to provide cloud-computing platforms that offer outstanding service delivery.
The CIOs of the largest financial and network security companies require that cloud-computing platforms meet the highest standards of service. After all, they're entrusting them with critical corporate data.
Seven standards outlined below. They're the building blocks of the best practices every successful cloud-computing platform should follow:
1. World-class security – Provision world-class security at every level.
2. Trust and transparency – Provide transparent, real-time, accurate service performance and availability information.
3. True multitenancy – Deliver maximum scalability and performance to customers with a true multitenant architecture.
4. Proven scale – Support millions of users with proven scalability.
5. High performance – Deliver consistent, high-speed performance globally.
6. Complete disaster recovery – Protect customer data by running the service on multiple, geographically dispersed data centers with extensive backup, data archive, and failover capabilities.
7. High availability – Equip world-class facilities with proven high-availability infrastructure and application software.

1. World-Class Security

  • Provision world-class security at every level.

Security is more than just user privileges and password policies. It's a multidimensional business imperative, especially for platforms that are responsible for customer data. Cloud-computing platforms must have detailed, robust policies and procedures in place to
guarantee the highest possible levels of:

  • Physical security
  • Network security
  • Application security
  • Internal systems security
  • Secure data-backup strategy
  • Secure internal policies and procedures
  • Third-party certification

2. Trust and Transparency

  • Provide transparent, real-time, accurate service performance and availability information.
  • Cloud-computing platforms should provide customers with detailed information about service delivery and performance in real time, including:

  • Accurate, timely, and detailed information about service performance data and planned maintenance activities
  • Daily data on service availability and transaction performance
  • Proactive communications regarding maintenance activities

3. True Multitenancy

  • Deliver maximum scalability and performance to customers with a true multitenant architecture.

Leading Web applications—including Google, eBay, and Salesforce CRM—run on a single code base and infrastructure shared by all users. A multitenant architecture allows for high scalability and faster innovation at a lower cost. Single-tenant systems,
on the other hand, are not designed for large-scale cloud-computing success. The internal inefficiencies of maintaining a separate physical infrastructure and/or separate code lines for each customer make it impossible to deliver quality service or innovate quickly. Multitenancy provides customers with the following benefits:

  • Efficient service delivery, with a low maintenance and upgrade burden
  • Consistent performance and reliability based on an efficient, large-scale architecture
  • Rapid product release cycles

4. Proven Scale

  • Support millions of users with proven scalability.

With any cloud-computing service, customers benefit from the scale of the platform. A larger scale means a larger customer community, which can deliver more and higher-quality feedback to drive future platform innovation. A larger customer community also provides rich opportunities for collaboration between customers, creating communities that can share interests and foster best practices. Cloud-computing platforms must have:

  • Proof of the ability to scale to hundreds of thousands of subscribers
  • Resources to guarantee the highest standards of service quality, performance, and security to every customer
  • The ability to grow systems and infrastructure to meet changing demands
  • Support that responds quickly and accurately to every customer
  • Proven performance and reliability as customer numbers grow.

5. High Performance

  • Deliver consistent, high-speed performance globally.

Cloud-computing platforms must deliver consistent, high-speed systems performance worldwide and provide detailed historical statistics to back up performance claims, including:

  • Average page response times
  • Average number of transactions per day

6. Complete Disaster Recovery

  • Protect customer data by running the service on multiple, geographically dispersed data centers with extensive backup, data archive, and failover capabilities.

Platforms providing cloud-computing services must be flexible enough to account for every potential disaster. A complete disaster recovery plan includes:

  • Data backup procedures that create multiple backup copies of customers' data, in near real time, at the disk level
  • A multilevel backup strategy that includes disk-to-disk-to-tape data backup in which tape backups serve as a secondary level of backup, not as the primary disaster-recovery data source. This disk-oriented model ensures maximum recovery speed with a minimum potential for data loss in the event of a disaster.

7. High Availability

  • Equip world-class facilities with proven high availability infrastructure and application software.

Any platform offering cloud-computing applications needs to be able to deliver very high availability.
Requirements for proving high availability include:

  • Facilities with reliable power, cooling, and network infrastructure
  • High-availability infrastructure: networking, server infrastructure, and software
  • N+1 redundancy
  • Detailed historical availability data on the entire service, not just on individual servers

Application:

A cloud application is the software architecture that the cloud uses to eliminate the need to install and run on the client computer. There are many applications that can run, but there needs to be a standard way to connect between the client and the cloud. In this section we'll take a closer look at the protocols that are used to manage connections between both parties.

Communication:
Computers need a common way to speak with one another. Think of it like talking on the telephone to someone who doesn't speak English and you don't speak their language. There's no way to achieve a common understanding. You may be able to guess a word here or there, but for the most part, the conversation won't work. Computers can't even guess a common word, so without a language in common, that communication won't happen.

HTTP:
To get a web page from your cloud provider, you'll likely be using the Hypertext Transfer Protocol (HTTP) as the computing mechanism to transfer data between the cloud and your organization. HTTP is a stateless protocol. This is beneficial because hosts do not need to retain information about users between requests, but these forces web developers to use alternative methods for maintaining users' states. For example, when a host needs to customize the content of a web site for a user, the web application must be written to track the user's progress from page to page. The most common method for solving this problem is sending and receiving cookies.

XMPP:
The Extensible Messaging and Presence Protocol (XMPP) is being talked about as the next big thing for cloud computing. The problem is that current cloud services—including SOAP and other HTTP-based protocols—are all one-way information exchanges. This means that clouds do not operate in real time and might have difficulties clearing a firewall. XMPP allows for two-way communication and eliminates polling.

Security:
Securing your cloud sessions is especially important as security is one of the top reasons Businesses are reluctant to join the cloud. Securing your cloud sessions can be accomplished via encryption and authentication. The most prevalent means of web encryption comes standard on every browser. Authentication is another matter, with several options open to you. Here we'll talk about the widely used Secure Sockets Layer (SSL) for Encryption, and one means of authentication, OpenID.

SSL:
The last time you bought something from your favorite online retailer, you passed along your credit card information, probably using Secure Sockets Layer (SSL). SSL is the standard security technology for establishing an encrypted link between a web server and browser. This ensures that data passed between the browser and the web Server stays private.
To create an SSL connection on a web server requires an SSL certificate. When your cloud provider starts an SSL session, they are prompted to complete a number of questions about the identity of their company and web site. The cloud provider's computers then generate two cryptographic keys—a public key and a private key.
The public key does not need to be secret and is placed into a Certificate Signing Request (CSR). This is a file that contains your details. You then submit the CSR. During the SSL certificate application process, the certification authority will validate your details and issue an SSL certificate, containing your details, allowing you to use SSL. The cloud provider will then match your issued SSL certificate to your private key. Your web browser will be able to establish an encrypted link between your computer and the cloud provider.

Reference:

Cloud Computing: A Practical Approach By

Anthony T. Velte
Toby J. Velte, Ph.D.
Robert Elsenpeter

The Seven Standards of
Cloud Computing Service Delivery
By Sales force.com

NIST Cloud Computing
Standards Roadmap
By
National Institute of Standards and
Technology (NIST)

Images:

Google Images

Community<< Previous
Next >>Developing Applications

Our aim is to provide information to the knowledge seekers. 


comments powered by Disqus




Footer1