Monday, 28 November 2011

Nuts & Bolts of the Cloud


As I wait for my son to wrap up his Saturday morning MindVenture class, I decided to type this post on my Blackberry about what is behind the Cloud, its components, basically its Nuts & Bolts! I am surely going to have sore thumbs after finishing this article! :-)

So here you go..

At the very heart of a cloud service is a Central Database expressed in an acronym as CMDB. In that layer are stored the Policies and the Definitive Media Library that govern how things should be configured and the controls around that configuration.
The next layer has the elaborative Data Model over which the Service Manager sits as a dictator governing the Workflow Manager, Platform Manager & the Resource Manager. It also controls the Infrastructure Resources like network, storage, servers, hardware, software and all the other bells & whistles. Around these Managers is the Provider API that hooks up all the relevant managers to the providers - Control Provider, Advice Provider & the Resource Providers. These Providers do the actual dirty work of provisioning, communicating, reporting and configuring the resources as per the user requirements.

Beyond the Provider API, there is usually a Cloud API that lets external customer systems talk to (integrate with) the Cloud Solution, and beyond that is the Cloud User Interface that Cloud End Users and Cloud Administrators use to control, monitor & deploy their Cloud Experience!

Each of the above components is a beast in its own way with complex technologies under it. Unless all of these components sync up and work like a team, the Cloud Solution may just fall apart!

Also posted on BMC Communities

Tuesday, 22 November 2011

Implementing Identity Management in the Cloud

Effective Identity Management needs a very high level of commitment from the corporates and needs dedicated resources to get this accomplished. Typically, Identity Management in the Cloud requires the following to be in place:
  • Establishing a Credentials database
  • Managing User Access Rights
  • Enforcing the Security Policy
  • Developing the capability to create & modify user accounts
  • Setting up monitoring of resource accesses
  • Setting up a process for removing access rights
  • Providing training on the processes
The Open Group and the World Wide Web Consortium (W3C) are working towards a global standard for Identity Management Systems that would be interoperable, provide for privacy, implement accountability and be portable. Identity Management is also being addressed by the XML-based eXtensible Name Service (XNS), an open protocol for universal addressing that provides a permanent identification address for a container of an individual's personal data & contact information. XNS also provides a means to verify whether an individual's contact information is valid and a platform for negotiating the information exchange.

Benefits of Identity Management in a Public vs Private Cloud

Public Cloud
  • Implementation best practices (example: provisioning/business use cases, etc.) gained with other customers can be reused cost-effectively in similar new deployments
  • Security and SLA are at higher risk due to public exposure and a complex shared environment (network complexity)
  • ROI - cost effective in the short term
Private Cloud
  • Implementation expertise (example: development/technical) gained within the enterprise reduces the cost & time of further (wider and broader) integration
  • Shared Services architecture can be easily reused across the enterprise to drive other business requirements
  • Compliance and regulation requirements may be easily monitored/enforced within the company
  • ROI - cost effective over the long term

The ultimate solution is Autonomic Security. This is a self-managing computing model in which systems reconfigure themselves in response to changing conditions and are self-healing - something similar to the likes of Terminator or i-Robot...! It's still somewhere in the future but mind it, people have already started thinking about it and are working on many prototypes that will change Cloud Identity Management!

References: Oracle.com, Cloud Security - Ronald L Krutz & Russell Dean Vines
Also posted on BMC Communities