Interconnected computing clouds

Linking IaaS

NIST observes there is a need for standards, starting with IaaS, where many interfaces are proprietary but there is potential for openness:^[1]

Virtual machine (VM) image distribution (e.g., Desktop Management Forum (DTMF) Open Virtualization Format (OVF) ^[2]
VM provisioning and control (e.g., the proprietary API to Amazon Elastic Cloud Service)
Inter-cloud VM exchange; interfaces are lacking here
Persistent storage (e.g., Azure Storage, S3, EBS, GFS, Atmos)
VM service level agreements (SLA); definitions are lacking for machine readable uptime, resource guarantees, storage redundancy
Secure VM configuration, such as Security Content Automation Protocol (SCAP)

VMware, the largest virtualization vendor, has offered its vCloud API to the Desktop Management Forum, which they say is responsive to open standards. An industry analyst, Chris Wolf of the Burton Group, said that making the API available without the infrastructure is marketing, not interoperability.^[3]

Linking PaaS and SaaS

There are proprietary niches in such linkage, sometimes called Enterprise Service Bus, more likely to provide business-to-business rather than user-to-service functionality. Vendors in this space, such as Rearden Commerce and Ariba, are brokers between customers and service providers; Rearden's product is an automated personal assistant that goes to approved service providers. Ariba offers "spend management" SaaS.

By their value-added nature, it is much harder to standardize interfaces at the higher levels of cloud service. There are possible approaches, however, such as

PaaS
- Supported programming languages
- APIs for cloud services
SaaS
- SaaS-specific authentication / authorization
- Formats for data import and export (e.g., XML schemas)
- Separate standards may be needed for each application space

Security may be one of the first places for open standards in IaaS, PaaS, and SaaS. ^[4]

Security

Open interface possibilities include:

Identity and Access Management (IAM)
IdM federation (SAML, WS-Federation, Liberty ID-FF)
Strong authentication standards (HOTP, OCRA, TOTP)
Entitlement management (XACML)
Data Encryption (at-rest, in-flight), Key Management
Public Key Infrastructure (PKI), PKCS, KEYPROV (CT-KIP, DSKPP), EKMI
Records and Information Management (ISO 15489)
Electronic legal discovery with the Electronics Discovery Reference Model [http://www.edrm.net (EDRM)

Citrix and Signacert are building a security system for cloud interconnection, using a whitelist repository of trust information. ^[5]

References

↑ Mell and Grace, October 2009, pp. 48-49
↑ Open Virtualization Format Specification, Desktop Management Forum, 2007
↑ Cite error: Invalid <ref> tag; no text was provided for refs named NW2009-08-31VMWare
↑ Mell and Grace, October 2009, p. 50
↑ "Citrix to Establish Virtual Infrastructure Security Validation in Collaboration with SignaCert.", Business Wire, 9 September 2009

[1] Mell and Grace, October 2009, pp. 48-49

[DTMF-OVF-2] Open Virtualization Format Specification, Desktop Management Forum, 2007

[NW2009-08-31VMWare-3] Cite error: Invalid <ref> tag; no text was provided for refs named NW2009-08-31VMWare

[4] Mell and Grace, October 2009, p. 50

[5] "Citrix to Establish Virtual Infrastructure Security Validation in Collaboration with SignaCert.", Business Wire, 9 September 2009

[1]

[2]

[3]

[4]

[5]

Interconnected computing clouds

Contents

Linking IaaS

Linking PaaS and SaaS

Security

References

Navigation menu

Interconnected computing clouds

Linking IaaS

Linking PaaS and SaaS

Security

References

Navigation menu

Search