PDA

View Full Version : Cloud Computing


siliconphreak
08-26-2009, 6:18 PM
For those of you interested in Cloud Computer. As in a virtual computer or desktop environment that runs on the internet and isn't exclusive to your own computer but which ever you have access to that has internet access. A co-worker showed me this the other day. Figured a few of you geeks out there would probably like the idea of this.
http://g.ho.st/

Casual_Shooter
08-26-2009, 7:37 PM
I see everyone using cloud computing in the future. I don't think having software on your computer will be "normal".

bigmike82
08-26-2009, 8:09 PM
As a network admin, I abhor the idea of 'cloud' computing. The lack of control over your information is, IMO, utterly unacceptable.

From an academic/distributed processing viewpoint, it's an outstanding tool.

sfwdiy
08-26-2009, 8:25 PM
As a network admin, I abhor the idea of 'cloud' computing. The lack of control over your information is, IMO, utterly unacceptable.

From an academic/distributed processing viewpoint, it's an outstanding tool.

+1 I think cloud computing has it's advantages and disadvantages. I use some cloud based infrastructure for my domain through Google Apps, mainly the mail. I still download all my mail with a mail client, though. I've noticed that most people who strictly use webmail tend to have only one email address. That's not me.

The biggest obstacle to legitimate cloud computing is still bandwidth. Imagine editing video in the cloud.

--B

artherd
08-27-2009, 12:25 AM
The first person who ties encryption and cloud computing together is going to be very wealthy.

SwissFluCase
08-27-2009, 8:56 AM
The first person who ties encryption and cloud computing together is going to be very wealthy.

If everything is in the cloud, a la Terminal Server or diskless workstation, who holds the keys?

I expect most clouds to be "private clouds" with the entity that owns the information owning the cloud. That said, hosting specific apps, such as Salesforce.com in the cloud, is most likely the future of the technology. "Infrastructure Cloud Computing" was the paradigm in the mainframe days.

Regards,


SwissFluCase

WeekendWarrior
08-27-2009, 9:25 AM
I work for one of the premier vendors of cloud computing applications and development platforms. Companies throughout the world are realizing that cloud computing will not only save them money by not having to invest in infrastructure and an related maintenance/IT resources, but the cloud allows for speedy development and implementation times for applications as well as simplified disaster recovery. Some common free cloud computing examples to throw out there would be E-bay, Facebook, Amazon.com, LinkedIn, Google Apps, etc. etc. These are not just websites, they are applications your are accessing through the internet. Many vendors are moving towards the SaaS model (Software as a Service). Our company has seen consistent strong growth for 10 years, even during the downturn in the economy.

Cloud computing is the perfect solution for small businesses that cannot afford to invest in infrastructure or application maintenance. It is also widely accepted at the Enterprise level.

Regarding data ownership and encryption, our system meets all of the internet security standards such as Sys Trust Sas-70 type 2 compliance, ISO 27001 compliance. Regarding your data, at my company, you own your data and we will not access it unless you give us permission to do so. All of your data can be exported into .csv files so if you ever leave our company's service, you can bring your data with you. I don't know about other companies out there, but your data is safe with us, and you are the sole owner of said data.

Librarian
08-27-2009, 11:20 AM
WeekendWarrior (or anyone else), can you point me to a decent user-level discussion of cloud computing? As the sales guys always want to hear, "I want to know more".

vta
08-27-2009, 12:21 PM
I'd like to see how each of you define the phrase 'cloud computing'. Here are some of my explanation of the concept of cloud computing:

Cloud computing is basically an all emcompassing phrase that describes storing, accessing and manipulating data that is stored on a server (physical or virtual) in the Internet. There are a few aspects of it as follows.

End Users:
Anything you do inside your browser is technically computing in the cloud. From personal email services like GMail to enterprise web apps like SalesForce, they are all 'cloud-based'

Sys. Admins:
Running virtual machines as servers instead of running hardware in your server room is another definition of cloud computing. It consolidates the computing resource by running virtual OSs that are less dependent on single pieces of hardware to prevent failures

Thin Clients:
This hearkens back to the days of the mainframe but it is most prevalent today in the mobile environment. The ever-so-popular iPhone is a perfect example of what today's thin client looks like and it excels in being the interface to today's cloud-based services. That's not to say that your laptop or desktop computer isn't a thin client as some of today's light weight mobile machines are starting to blur that line.

I think the idea of using a thin client that looks like a monitor/keyboard/mouse at the home is kind of a dated concept. We all have our data stored in the cloud already being registered members of Calguns. Whether or not you will one day rely solely on the data stored in the cloud and no where else is probably the biggest obstacle it will need to overcome for it to become a computing standard.

artherd
08-27-2009, 12:37 PM
Everything old is new again :)

If all data in the cloud is encrypted - it is irrelevant who holds the keys. The trick is - making that work, since generally things need to be decrypted to process in any rational way.

At least today.

If everything is in the cloud, a la Terminal Server or diskless workstation, who holds the keys?

I expect most clouds to be "private clouds" with the entity that owns the information owning the cloud. That said, hosting specific apps, such as Salesforce.com in the cloud, is most likely the future of the technology. "Infrastructure Cloud Computing" was the paradigm in the mainframe days.

Regards,


SwissFluCase

artherd
08-27-2009, 12:43 PM
http://portal.acm.org/citation.cfm?doid=30401.30404

wildhawker
08-27-2009, 11:10 PM
Everything old is new again :)

If all data in the cloud is encrypted - it is irrelevant who holds the keys. The trick is - making that work, since generally things need to be decrypted to process in any rational way.

At least today.

Are you pointing towards quantum computing and cryptology?

artherd
08-28-2009, 12:56 AM
Are you pointing towards quantum computing and cryptology?

Have been for most of my life :)

jmlivingston
08-28-2009, 6:17 AM
The terms "Cloud Computing" and "Software as a Service" are just new names to generate buzz around what we all used to know as Application Service Providers.

The collection of technologies that fulfill this vague concept of cloud-computing are in many ways extensions of what we've already been doing. VMWare providing an ability to allocate CPU/RAM resources on the fly, SAN-based systems for storage on the fly, and load-balancing (preferrably global but even local) for high availability, these are really the foundations of the cloud.

The good question is this: Who owns the cloud? I don't believe it needs to be an outside entity of your own IT department. About 6 years ago a former employer of mine approached our core IT apps this way. Everything was built with the motto of "Always available, anytime and anyplace". We became so successful at it that our CIO & management was even considering selling access to our platform to some of our smaller competitors. The software was highly customized, nobody offered anything comparable to what we built, and it was a kick-butt solution. Our entire approach to everything was that we should be seen as a service to everyone else in the company.

What I guess I'm saying is that cloud-computing can be as much an approach to your own architecture and design as it is to simply forking $$$ over to some fancy re-branded ASP.


Everything old is new again :)

If all data in the cloud is encrypted - it is irrelevant who holds the keys. The trick is - making that work, since generally things need to be decrypted to process in any rational way.

At least today.

One of the BIG keys to this is encrypted storage, I just happen to work for a company that's involved in this space. :D

lazyworm
08-28-2009, 7:13 AM
Cloud computing, virtualization, SaaS, etc are just buzz words that marketing
teams everywhere grab hold of.

Almost every company that has a web based application is calling themselves
a cloud vendor nowadays.

There is also the debate of public vs private cloud.

I'd suggest we all look pass these definitions and buzz words.

To me, cloud computing is the next step is commoditizing computing
resources, turning all of them into utilities like electricity or phone
service. Either as an application with a specific purpose -- business
app, email, whatever; or as raw computing power -- Amazon AWS, vmware.
You as a company or a consumer, pay for what you use. You don't need
to worry about how's it built or how it's maintained. You just use it.

This is the same natural progression of a lot of technology. You don't need
your own generator to have electricity, you get it from PG&E. You don't
need to setup modem to everybody you need to communicate with (e.g.
uucp), you just get an ISP. You don't need to run your own email server,
you just used Gmail, yahoo, hotmail etc. You don't need to go out and
source a server, you just allocate or spawn one.

Also to point out... this is just another alternative among all the choices.
A company's needs will drive it towards the cloud or a more traditional
solution (e.g. colo, hosted servers, shrinked-wrapped biz apps, privacy)

On a more personal note, my day job uses Amazon AWS extensively.
We're running a very successful business off AWS. As the IT/Ops guy,
commodity computing allows me to closely and easily manage computing
resources. I don't need to (mostly because I can't) plan ahead on our
server needs. I just need a 15-30 min notice so I can fire up more servers.
I can also turn them off as soon as the need is gone. This is a finer grain
control that hosting or colo can't provide.

WeekendWarrior
08-28-2009, 7:38 AM
I wouldn't say Cloud Computing and SaaS are buzz words at heart, rather they were names given to this new style of computing and application development. They are buzz words now in the sense that the Cloud is a hot topic right now, but just like any other form of Technology, a name is adopted to be used and recognized by the mass market. Real cloud computing applications have only been around since the innovation of web 2.0 websites which facilitate the use of the applications in the cloud.

Benefits of the Cloud for your business:

Lets look at it this way. If you are running a company that uses 10, 20, or even 100 business applications - this is going to require a large amount of infrastructure and dedicated resources to maintain. According to many studies, most companies spend about 70% of their budget towards maintaining the hardware and software they have in place, leaving only 30% of their budget and time to work on innovation, projects, or new products. The beauty of a multi-tenant architecture, and I am talking true multi-tenancy - is that all instances of an application run on the same code infrastructure. Well what does that mean to an end user? What that means is that instead of supporting past models of the application every time new functionality is released or patches are applied, SaaS companies with multi-tenant infrastructures need only to support 1 version of the application. That means they can concentrate on innovation rather than supporting past models. That also means when new changes are rolled out to end users, this will not affect any integrations that have been built out ofr their specific instance of the application. How many times has your company rolled out a security patch for an on-premise solution just to see integrations fail because of changes to the fundamental coding of the application? This happens all the time, and is completely avoidable with the SaaS/multi-tenancy model. Our company rolls out 3-4 new releases every year and we do so seamlessly (5 minutes of downtime in the middle of the night). All of your integrations are preserved and you never see problems as a result. So an end user will constantly have the latest and greatest functionality on their application without the headache of integration failures or other disruptions. How many new releases do you see for an on premise application each year? Maybe one, if that. The reason for that is that whenever they develop new functionality they are having to build it out for all the different prior versions of their application to make it accessible to all of their customers. If you have 8 prior versions, that means you need to code that functionality for 8 different applications instead of a single application.

I know there is a lot of skepticism out there about Cloud computing with people concerned about security, but if you look at the marketplace trend almost every large software company is now developing Cloud applications in conjunction with their on-premise applications. Microsoft, Oracle, etc., etc.

The difference between my company and those companies is they are still locked into developing and supporting on premise solutions, slowing down their innovation. My company is strictly SaaS, which is why we are a market leader in the Industry. I'd like to see Microsoft put out 3 major releases in one year for any of its products (and I'm not talking security patches, hahahaha).

SwissFluCase
08-28-2009, 8:46 AM
I see cloud computing really taking off for those specialized business applications that are quickly evolving. What I don't see is the core desktop suite moving to the cloud. Who cares if Windows and Office is only upgraded every five years (or more)? If you want to get rid of the PCs, they can be virtualized in your server room (private cloud?). We deploy a solution called Panologic at some of our clients to do just that.

I think we will always see a mix of the two types. What is obvious is that client/server computing costs much more than the old mainframes did, and is much less reliable. Those apps that used to run on the mainframe will be the ones that go to the cloud.

The problem is still the encryption keys. It *does* matter who holds them. A lot of our clients have data that they will not or can not allow to leave the premises because a breach would finish their business. Strong encryption would overcome this obstacle to *some* degree.

Regards,


SwissFluCase

lazyworm
08-28-2009, 10:27 AM
I wouldn't say Cloud Computing and SaaS are buzz words at heart, rather they were names given to this new style of computing and application development. They are buzz words now in the sense that the Cloud is a hot topic right now, but just like any other form of Technology, a name is adopted to be used and recognized by the mass market. Real cloud computing applications have only been around since the innovation of web 2.0 websites which facilitate the use of the applications in the cloud.

Benefits of the Cloud for your business:

Lets look at it this way. If you are running a company that uses 10, 20, or even 100 business applications - this is going to require a large amount of infrastructure and dedicated resources to maintain. According to many studies, most companies spend about 70% of their budget towards maintaining the hardware and software they have in place, leaving only 30% of their budget and time to work on innovation, projects, or new products. The beauty of a multi-tenant architecture, and I am talking true multi-tenancy - is that all instances of an application run on the same code infrastructure. Well what does that mean to an end user? What that means is that instead of supporting past models of the application every time new functionality is released or patches are applied, SaaS companies with multi-tenant infrastructures need only to support 1 version of the application. That means they can concentrate on innovation rather than supporting past models. That also means when new changes are rolled out to end users, this will not affect any integrations that have been built out ofr their specific instance of the application. How many times has your company rolled out a security patch for an on-premise solution just to see integrations fail because of changes to the fundamental coding of the application? This happens all the time, and is completely avoidable with the SaaS/multi-tenancy model. Our company rolls out 3-4 new releases every year and we do so seamlessly (5 minutes of downtime in the middle of the night). All of your integrations are preserved and you never see problems as a result. So an end user will constantly have the latest and greatest functionality on their application without the headache of integration failures or other disruptions. How many new releases do you see for an on premise application each year? Maybe one, if that. The reason for that is that whenever they develop new functionality they are having to build it out for all the different prior versions of their application to make it accessible to all of their customers. If you have 8 prior versions, that means you need to code that functionality for 8 different applications instead of a single application.

I know there is a lot of skepticism out there about Cloud computing with people concerned about security, but if you look at the marketplace trend almost every large software company is now developing Cloud applications in conjunction with their on-premise applications. Microsoft, Oracle, etc., etc.

The difference between my company and those companies is they are still locked into developing and supporting on premise solutions, slowing down their innovation. My company is strictly SaaS, which is why we are a market leader in the Industry. I'd like to see Microsoft put out 3 major releases in one year for any of its products (and I'm not talking security patches, hahahaha).


Another data point... I have seen studies of computing resource
utilization in a corporate data center. The utilization averages around
15-20%. The utilization is so low because each dept has their own set
of servers and applications and these servers only get use during certain
hours. The attraction of virtualization and cloud computing is that the
sharing and consolidation of resources bring overall utilization up. Thus
saving money.

I think all of us in the tech world has seen some kind of bell curve for
the traffic/usage for your application or servers. We've always have
to plan and size for the peak/max load. The rest of the time the
servers sit idle / less utilized.

Before cloud computing, this idle or wasted resource is considered part of
the cost of doing business. Cloud computing allows companies to utilize
that waste.

lazyworm
08-28-2009, 10:38 AM
I see cloud computing really taking off for those specialized business applications that are quickly evolving. What I don't see is the core desktop suite moving to the cloud. Who cares if Windows and Office is only upgraded every five years (or more)? If you want to get rid of the PCs, they can be virtualized in your server room (private cloud?). We deploy a solution called Panologic at some of our clients to do just that.

I think we will always see a mix of the two types. What is obvious is that client/server computing costs much more than the old mainframes did, and is much less reliable. Those apps that used to run on the mainframe will be the ones that go to the cloud.

The problem is still the encryption keys. It *does* matter who holds them. A lot of our clients have data that they will not or can not allow to leave the premises because a breach would finish their business. Strong encryption would overcome this obstacle to *some* degree.

Regards,


SwissFluCase


Cloud computing being the buzz word has 1 huge draw back. It's been
marketed as the end-all-be-all solution to everything. That is simply
not true. It's just another alternative. Different needs require different
solutions.

I totally agree that it's not going to replace your desktop, not anytime
soon. The current evolution of cloud is that it is available to replace parts
of what is traditional provided by a desktop. Office apps has been moving
to web based for a few years already. Features, speed and usefulness
has come a long way, but it's still nowhere close to the desktop office
suite. If you just need to start up a spread sheet to keep track of
a few things, web based office tools, says, google docs, is adequate.
Also, few people can doubt that web browsers are getting more and
more feature rich and powerful. Flash/AIR based applications can very
nicely mimic a traditional installed shrink-wrap application.

jmlivingston
08-28-2009, 12:22 PM
Just hit my inbox while I was out at lunch, and since it's relevant to our discussion I thought I'd share this article (http://www.networkworld.com/community/node/44783?source=NWWNLE_nlt_daily_am_2009-08-28) with all of you.

Enterprises say they are already doing cloud computing

The hottest technology appears to be the cloud, but no one is really sure what that means
...
By the time the industry decides, adoption rate will no doubt be at 100%, because you apparently don't need to know where or what the cloud is, to know you want to deploy it.

artherd
08-28-2009, 1:35 PM
The web browser is the new vt100 dumb terminal :D

jmlivingston
08-28-2009, 1:43 PM
The web browser is the new vt100 dumb terminal :D


Except now there aren't that many people who appreciate ASCII art!

sfwdiy
08-28-2009, 2:07 PM
The web browser is the new vt100 dumb terminal :D

Seems pretty true, actually.

I still don't see cloud computing completely replacing desktop applications any time soon, though. There are a lot of apps out there that can't be replicated in the cloud for various reasons.

I love Google Apps for my domain, though. Screw Go-Daddy's bogus POP mail.

--B

sfwdiy
08-28-2009, 2:12 PM
Except now there aren't that many people who appreciate ASCII art!

I was gonna paste some awesome ASCII art in this thread, but it doesn't display right at all. :mad:

--B

sfwdiy
08-28-2009, 2:15 PM
Speaking of ASCII art, open a terminal and pump this in there: telnet towel.blinkenlights.nl

Good times.

--B

lazyworm
08-28-2009, 2:31 PM
oh, the memories :)

Here's another one...
http://www.asciimation.co.nz/

SwissFluCase
08-28-2009, 5:03 PM
The web browser is the new vt100 dumb terminal :D

"When I was your age sonny, all we had were VT100 terminals, and we had to make to with ASCII pr0n! If we wanted to post dirty pictures, we had to use vi!" :p

Regards,


SwissFluCase

glbtrottr
08-28-2009, 9:31 PM
The first person who ties encryption and cloud computing together is going to be very wealthy.

Encryption: a little company called RSA. http://www.rsa.com/
Cloud computing, private or public: http://www.emc.com/products/detail/software/atmos.htm

both owned by EMC...hmm.

jmlivingston
08-28-2009, 10:19 PM
Even the HBA/FCoE manufacturers are now supporting hardware based encryption in their adapters.

artherd
08-29-2009, 1:55 AM
Encryption: a little company called RSA. http://www.rsa.com/
Cloud computing, private or public: http://www.emc.com/products/detail/software/atmos.htm

both owned by EMC...hmm.

:)


I owe you several phone calls :D

rynando
08-29-2009, 2:17 AM
The first person who ties encryption and cloud computing together is going to be very wealthy.

We send, store, process and return encrypted data through S3/EC2/SQS all day, every day. If you don't need a third party to meet some sort of guideline (or if youíd like someone with a fat E&O policy like RSA who can take the brunt of a lawsuit for you) itís quite doable . . . and if itís implemented properly itís no less secure then a spendy ďEnterpriseĒ solution.

R

rynando
08-29-2009, 2:20 AM
Speaking of ASCII art, open a terminal and pump this in there: telnet towel.blinkenlights.nl

Good times.

--B

Awesome!

R

artherd
08-29-2009, 12:43 PM
We send, store, process and return encrypted data through S3/EC2/SQS all day, every day.

Encrypted while being processed? No data exists even temporarily in RAM decrypted?

razorx
08-29-2009, 1:26 PM
Healthcare is an example where cloud computing has several obstacles. Healthcare tends to be behind the technology curve especially in the provider space and that location of data (encrypted even) outside of the physical facilities is problematic from a legal perspective. Is the Cloud provider willing to accept the legal costs of defending alleged information leaks? Client could be after current, future, punitive damages. How well does the Cloud provider trust their own people? Financial Services will also have similar issues.

However, it will be worked out over time. Price pressures on providers will force them to finally upgrade infrastructure and cloud computing will be a necessary component in that new architecture.

Payors have similar concerns but quite the same price pressure points.






Cloud computing is like counting sheep?

artherd
08-29-2009, 2:07 PM
Good Point - regulatory law like HIPAA needs updating.

rynando
08-30-2009, 12:49 AM
Encrypted while being processed? No data exists even temporarily in RAM decrypted?

No, the bulk of our data remains in an encrypted state as the actual data isnít being manipulated, just the file containing the data. Basically EC2/S3 is being treated as a large scheduled file distribution network (and a bunch of other things). The files are never processed in EC2 so the dataís never decrypted. Even if it were it wouldnít bother me as the dataís not anything sensitive and the files and EC2 nodes are split up so far and wide over Amazonís VPS/storage infrastructure that to exploit data in an unencrypted state in RAM would be near impossible (I actually think it would be impossible). Other data, like the messages we send through SQS (which contain complete data chunks that Iíd rather others not have access to) are sent encrypted and are only decrypted by the receiving systems (which we own).

I think youíre always going to be able to pull unencrypted data out of a systemís RAM. This is going to be true of any application that makes use of encrypted datastores. The data has to be decrypted to be made usable. When law enforcement grabs servers they always just disconnect them from the network while leaving them powered up. This gives them the chance to at least try to defeat any disk encryption that might be used. Hereís an interesting article (http://blogs.zdnet.com/security/?p=900) on the subject. If anything itíll remind you to turn your laptop completely off well before you get to a border crossing.

R