Transforming Enterprise Cloud Services (eBook)

Contents 16
Introduction to Enterprise Services and Cloud Resources 23
1.1 Introduction to Enterprises 24
1.1.1 Enterprise Resources 24
1.1.2 Enterprise Architecture 25
1.2 Definitions of Cloud, Services, and Ecosystem 29
1.2.1 The Cloud 29
1.2.2 Cloud Services 30
1.2.3 Cloud Technologies 31
1.2.4 Cloud Ecosystem 32
1.3 History of Cloud and Enterprise Services 37
1.3.1 Initial Establishment 38
1.3.2 Early Developments 39
1.3.3 Recent Major Developments 40
1.3.4 Network-Centric Operations 42
1.4 Cloud Enablers 44
1.4.1 Service Architecture and Abstraction 45
1.4.1.1 Service-Oriented Architecture 45
1.4.1.2 Service Abstraction 47
1.4.2 Virtualization 48
1.4.2.1 Virtual Platform 49
1.4.2.2 Virtual Network 49
1.4.2.3 Virtual Database 50
1.4.2.4 Virtual Application 50
1.4.3 Web Technologies 51
1.4.3.1 Web 1.0 51
1.4.3.2 Web 2.0 52
1.4.3.3 Web 3.0 53
1.4.4 Key Cloud Characteristics 54
1.5 Enterprise Transformation 56
1.5.1 People and Organization 57
1.5.2 Process 59
1.5.3 Technology 59
1.6 General Framework & Book Origination
References 63
Cloud Service Business Scenarios and Market Analysis 65
2.1 Overview 65
2.2 Cloud Use Cases and Applications 67
2.2.1 Public Cloud 68
2.2.2 Community Cloud 69
2.2.3 Private Cloud 70
2.2.4 Hybrid Cloud 70
2.3 General Information Technologies 71
2.3.1 Software Services 76
2.3.2 Platform Services 77
2.3.3 Infrastructure Services 78
2.4 Commercial Markets and Applications 78
2.4.1 Marketing 80
2.4.2 Sales 82
2.4.3 Finance 82
2.4.4 Financial Industry 83
2.4.5 Telecommunications Industry 84
2.5 US Government and Defense 86
2.5.1 Federal Chief Information Officers Council 87
2.5.2 General Services Administration (GSA) 89
2.5.3 National Business Center (NBC) 89
2.5.4 National Institute of Standards and Technology 91
2.5.5 The U.S. Department Of Defense 92
2.6 Scientific, Educational, and Others 97
2.6.1 US Department of Energy (DOE) and Magellan 98
2.6.2 NASA Nebula 99
2.6.3 Education 101
2.6.4 Other International Organizations 103
2.7 Conclusion 106
References 107
Cloud Service Architecture and Related Standards 109
3.1 Overview 110
3.2 Types of Cloud Services 113
3.2.1 Software as a Service 113
3.2.2 Platform as a Service 116
3.2.3 Infrastructure as a Service/Hardware as a Service 118
3.3 Holistic Enterprise Architecture and Cloud Services 122
3.3.1 Service and Business Layer 123
3.3.2 Data and Information Layer 123
3.3.3 Integration Layer 124
3.3.4 Technology and Tool Layer 124
3.4 Enterprise Architecture and Cloud Transformations 125
3.4.1 Enterprise Architecture Styles 125
3.4.2 Architecture Transformation 127
3.4.2.1 Transforming Existing Architectures 127
3.4.2.2 Addressing Architecture Layering and Partitioning 128
3.4.2.3 Benefits of Transformations 130
3.5 Cloud Architectures and Vendor Implementations 131
3.5.1 Public Cloud 132
3.5.2 Private Cloud 133
3.5.3 Hybrid Cloud 135
3.6 Cloud Related Standards and Forums 136
3.6.1 Open Grid Forum 136
3.6.2 Open Virtualization Format 137
3.6.3 HTTP 138
3.6.4 XML and JSON 139
3.6.5 AJAX 139
3.6.6 HTML5 140
3.6.7 Web Syndication 140
3.6.8 XMPP 142
3.6.9 REST 143
3.6.10 Security and Data Privacy Standards 144
3.6.10.1 OAuth 144
3.6.10.2 OpenID 145
3.6.10.3 SSL/TLS 146
3.7 Enterprise Transformation Implications 147
3.7.1 Information Framework 150
3.7.2 Process Framework 151
3.7.3 Service Level Management 151
3.8 Conclusion 152
References 152
Challenges of Enterprise Cloud Services 155
4.1 Overview 156
4.2 Non-Technical Challenges 159
4.2.1 Financial 160
4.2.2 Enterprise Scalability 160
4.2.2.1 Software Licensing 161
4.2.3 Business Operations 163
4.2.4 Organizational 164
4.3 Software Services Perspective 165
4.3.1 User Data 165
4.3.1.1 Accessibility 166
4.3.2 Data and Applications 167
4.3.3 Integrity 167
4.3.3.1 Portability 168
4.3.3.2 Interoperability 169
4.3.3.3 Software Services 169
4.3.3.4 Agility 170
4.3.3.5 Flexibility 170
4.3.3.6 Adoptability 171
4.4 Platform Services Perspective 172
4.4.1 Data and Information 172
4.4.1.1 Information Management 172
4.4.2 Platform Service Framework 174
4.4.2.1 Scalability 174
4.4.2.2 Portability 175
4.4.2.3 Tool Availability 175
4.4.3 Platform Integration 176
4.4.3.1 Level of Virtualization 176
4.4.3.2 Limitations 176
4.5 Infrastructure Services Perspective 177
4.5.1 General Infrastructure 178
4.5.1.1 Automation and Commoditization 179
4.5.1.2 Network Capacity and Mobility 179
4.5.1.3 Data Movement and Integrity 180
4.5.1.4 Bug in Large-Scale Distributed Systems 181
4.5.2 Service Performance 182
4.5.2.1 Availability and Reliability 182
4.5.2.2 QoS Governance 183
4.6 Security Challenges 183
4.6.1 Data 185
4.6.1.1 Ownership 186
4.6.1.2 States 188
4.6.1.3 Anonymity 188
4.6.2 Secured Access 190
4.6.2.1 Two-Factor Authentication 190
4.6.2.2 Single Sign-On 190
4.6.3 Data Governance 191
4.6.3.1 Information Lifecycle Management 192
4.6.4 Data Leakage 193
4.6.4.1 Lack of Smart Data with Embedded Policies 194
4.6.5 Security Framework 194
4.6.5.1 Lack of Transparent Solutions 194
4.6.5.2 Insufficient User Provisioning 195
4.7 Operational and Management Challenges 195
4.7.1 Strategy and Service Planning 196
4.7.1.1 Expertise to Plan for Cloud Technology 197
4.7.1.2 Multiple Tenancy Impacts 197
4.7.1.3 Failure Management 199
4.7.1.4 Vendors Issues 200
4.7.2 Service Fulfillment 201
4.7.2.1 Cross-Cloud Processes and Policy Coordination 201
4.7.2.2 SLA Definition and Negotiation 202
4.7.3 Service Assurance 203
4.7.3.1 Monitoring 204
4.7.3.2 Governance and Compliance 204
4.8 Conclusion 206
References 207
Networked Service Management 210
5.1 Overview 210
5.2 Software as a Service 211
5.2.1 Software as a Service Licensing Models 211
5.2.2 Transforming Enterprise Architectures to Service-Centric Architectures 212
5.2.3 Enterprise Integration Architecture to Access Software as a Service Applications 214
5.2.3.1 Integration Brokers 215
5.2.3.2 Identity Integration 217
5.2.4 Enterprise Composition Architecture to Access Software as a Service Applications 219
5.2.5 Transformation Reference Architecture for Enterprises 220
5.2.6 SaaS Data Architecture 224
5.2.6.1 Separate Databases 224
5.2.6.2 Shared Database, Separate Schemas 225
5.2.6.3 Shared Database, Shared Schema 225
5.3 Hardware as a Service/Infrastructure as a Service 226
5.3.1 IaaS Hierarchy 226
5.3.2 POD Architecture 228
5.3.3 Transforming Enterprises to Use IaaS 229
5.3.3.1 Packaging and Distribution of Software 229
5.3.3.2 Browsing APIs 231
5.3.3.3 Provisioning APIs 232
5.3.3.4 Datacenter Operations APIs 233
5.4 Platform as a Service 234
5.4.1 Implications of PaaS on Transforming Enterprises 234
5.4.1.1 Software Development 234
5.4.1.2 Service Delivery 235
5.4.1.3 Collaboration 235
5.4.2 Example PaaS Techniques 235
5.4.2.1 Software Development 236
5.4.2.2 Collaboration 236
5.4.3 Public Cloud vs. Private Cloud 236
5.4.3.1 Reference Architecture for PaaS Private Cloud 237
5.4.3.2 PaaS Private Cloud Life-Cycle 238
5.4.3.3 SOA, BPM, and UI 239
5.4.3.4 Identity Management and Systems Management 240
5.5 Service Definition and Instance Management 240
5.5.1 Virtualization and Cloud Infrastructure 241
5.5.2 Virtualization-Optimized Cloud Infrastructure 243
5.6 Service Level and Quality Management 244
5.6.1 Specification of Service and Quality Levels 245
5.6.2 Cloud Service Level and Quality Management Architecture 249
5.7 Conclusion 249
References 250
Cross-Domain Policy-Based Management 252
6.1 Overview 253
6.2 PBM Benefits and Potential Applications 254
6.2.1 The Benefits and Business Drivers of PBM 255
6.2.2 PBM Support OSS and BSS 255
6.3 PBM Standards and Commercial Implementations 257
6.3.1 TM Forum SID’s Policy Aggregate Business Entities 257
6.3.2 IETF Policy Workgroup 261
6.3.3 Market Players 262
6.4 Policy and Management Framework 264
6.4.1 Policy Template 265
6.4.2 Policy Implementation and Usage 266
6.4.2.1 Policy Domain, Conditions, and Entities 266
6.4.2.2 Policy Management Processes 268
6.4.3 Policy Management and Policy Engine 269
6.5 Transforming PBM to a Cloud Environment 270
6.5.1 Cloud-Focused Policy Stack 271
6.5.2 Design Considerations 274
6.5.3 Implementation Considerations 275
6.5.4 Service Policy and SLA 277
6.5.5 Service Policy and Resource Allocations 279
6.5.6 Security in Cloud Policy Management 279
6.6 Externalizing Policy and Management 281
6.6.1 Policy Negotiation 282
6.6.2 Automated Policy Negotiation 285
6.6.3 Policy Adaptation 287
6.7 Conclusion 290
References 291
Building and Configuring Enterprise Cloud Services 293
7.1 Overview 294
7.2 Design Principles and Deployment Options 296
7.2.1 Service Automation 297
7.2.1.1 Systems Management Drivers 297
7.2.1.2 Applications Management Driver 297
7.2.2 Adapting to High Utilization and Rapid Growth 299
7.2.2.1 Consolidation and Virtualization 299
7.2.2.2 Automation and Optimized Virtualization 300
7.2.2.3 Service Federation 300
7.2.2.4 Consolidation of Management Information 301
7.3 Standards-Based Business Process Framework 301
7.3.1 The ITIL and eTOM Frameworks 302
7.3.2 Level Zero Key Concept 302
7.3.3 Level One Processes 303
7.3.4 Level Two and Three Processes 305
7.3.5 Improvements to Current eTOM for Cloud Services 308
7.4 Standards-Based Information Framework 309
7.4.1 The SID Business View 309
7.4.2 SID Domains and Level One ABEs 311
7.4.3 Service Domains and Level Two ABEs 311
7.4.4 Improvements to the Current SID for Cloud Services 312
7.5 Technology-Neutral, Service-Centric Architecture 313
7.5.1 Next-generation Datacenter Management 314
7.5.2 Architectural Planning, Simplification, and Transformation 315
7.5.2.1 Using eTOM and SID 316
7.5.2.2 Framework-based SOA Methodology 318
7.5.2.3 Dynamic Cloud Active Catalog 319
7.5.2.4 Policy-Oriented Business and Risk Management 322
7.5.2.5 Cloud Service Monitoring and Management 322
7.5.2.6 Configuration Management 323
7.6 Conclusion 327
Reference 327
Service Monitoring and Quality Assurance 329
8.1 Overview 329
8.2 Enterprise Quality and Performance 330
8.2.1 Service Level Agreements, Enterprises, and Customer Experiences 330
8.2.2 Key Quality Indicators and Key Performance Indicators 333
8.2.3 Sample Key Quality Indicators and Key Performance Indicators 334
8.2.4 Quality Equations and Measurement 336
8.3 Service Quality Management 338
8.3.1 Value-Chain SQM 339
8.3.2 SQM Metrics 342
8.4 Probes 343
8.5 SLA Management and Reporting 344
8.5.1 SLA Monitoring and Reporting Process 345
8.5.2 SLA Reporting Mechanisms 346
8.6 Enterprise SLA Negotiation 347
8.6.1 SLA Development Process 347
8.6.2 Form of an Enterprise SLA 349
8.7 Policies and Monitoring 352
8.7.1 Monitoring Agents 354
8.7.2 Manageability and Operability 356
8.8 Conclusion 358
References 360
Security for Enterprise Cloud Services 361
9.1 Overview 362
9.2 Security for Cloud Services and Infrastructure 363
9.2.1 Authorization and Role-Based Access Control 363
9.2.1.1 Access Management Architecture 363
9.2.1.2 Implementation of Credential-Based RBACs in Cloud Infrastructure 365
9.2.2 Cloud Security Services 367
9.2.2.1 Export Control Policies 367
9.2.2.2 Cloud Infrastructure to Support Public Key Algorithms 368
9.2.2.3 Cloud Infrastructure to Support Secret Key Algorithms 368
9.2.2.4 Cloud Infrastructure to Support Hash and Message Digest Algorithms 369
9.2.3 Integration of Role-Based Architecture in the Web 369
9.3 Security for Enterprises that Use Cloud Services 370
9.3.1 Federated Identity Management Architecture 371
9.3.2 Side Channel Attacks and Counter-Measures 373
9.3.2.1 Threat Model 373
9.3.2.2 Exploiting Placement Locality 374
9.3.2.3 Cross-Virtual Machine Information Leakage 375
9.3.2.4 Counter-Measures 376
9.4 Intrusion Detection in Cloud Computing 376
9.4.1 Types of Raw Data Collected 379
9.4.2 Distributed Intrusion Detection Architecture 380
9.4.3 Fusion-Based Intrusion Detection Systems 382
9.4.3.1 Functional Data Fusion Process Model 382
9.4.3.2 Data Fusion Architectures 385
9.5 Security for Cloud Service Management 388
9.5.1 Security for APIs 388
9.5.2 Security for Service Containers 389
9.6 Measures for Cross-Virtual Machine Security 392
9.6.1 Virtual Machine Security 392
9.6.2 File System Security Management 393
9.6.2.1 Self-certifying Pathnames 394
9.6.2.2 Server Key Management 395
9.6.3 Virtual Machine Image Security 396
9.7 Conclusion 398
References 402
Enterprise Cloud Service Applications and Transformations 405
10.1 Overview 406
10.2 Business and Technology Transformation 408
10.2.1 Establish Strategic Promises 408
10.2.2 Plan for New Business Models 412
10.2.3 Establish a Technical Innovation Culture 414
10.3 The New Form of Software and Service 415
10.3.1 End Users’ Expectations 416
10.3.2 Expanding Service Categories 416
10.3.3 More Destiny Sharing Interactions 417
10.3.4 Evolving Web Applications 417
10.3.5 Integrating Enterprise SaaS with Cloud Services 418
10.4 Platform Integrations and Collaborations 419
10.4.1 New Applications Development Functions 419
10.4.2 Software Development Standards 420
10.4.3 New Software Packaging Focus 421
10.4.4 New Relationship with Hardware Resources 421
10.4.5 Integrating Enterprise and Cloud PaaS 422
10.5 Infrastructure Transformations 422
10.5.1 Customizable Service Resources 423
10.5.2 Improved Infrastructure 423
10.5.3 Customer Portal and Rapid Provisioning 424
10.5.4 Integrating Enterprise and Cloud IaaS 424
10.6 Cloud Management and Operational Framework 425
10.6.1 Management Paradigms 425
10.6.2 Service Management Automation 426
10.6.3 Changing Process Management 427
10.6.4 Integrating Enterprise and Cloud Governance 428
10.6.5 Integrating Enterprise and Cloud Quality Assurance 429
10.7 Cloud Security and Information Assurance 431
10.7.1 New Applications of Information Assurance 431
10.7.2 Security in Different Service Layers 433
10.8 Final Notes 435
Reference 435
Index 438