20090921 risacher to ncoic cloud storefront
1
Cloud Computing and the DoD CIO Storefront
Dan Risacher
Enterprise Services & Integration
Office of the DoD CIO
2009-09-21
2
What is Cloud Computing?
Headline: “The Internet Industry Is on a Cloud –
Whatever That May Mean”
- Wall Street Journal, A1, March 26, 2009
“I had a customer tell me there’s a rainstorm coming, that there will
be all these clouds and none are going to talk to each other.”
- Susan Adams, Chief Technology Officer,
Microsoft Federal Civilian Practice
Headline: “Federal CIO Scrutinizes Spending And
Eyes Cloud Computing”
- Information Week, March 14, 2009
Hype Or Fact? Yes
3
What is Cloud Computing?
Cloud Computing –
the 2:10 technology……
Two Years of Hyper-Buzz
Ten Years of Adoption
We're still in the first year of Hyper-Buzz…. Watching CC mature…
- Rob Carter, CIO FedEx, DISA Customer Partnership Conference
4
What is Cloud Computing?
IBM: “A cloud is an IT service delivered to users that has:
– A user interface that makes the infrastructure underlying the service transparent to the user
– Reduced incremental management costs when additional IT resources are added
– Services oriented management architecture
– Massive Scalability”
Forrester: “An abstracted, fabric-based infrastructure that
enables dynamic movement, growth, and protection of
services that is billed like a utility. … cloud computing is
looking like a classic disruptive technology”
Lots of different Cloud Computing definitions….
5
What is Cloud Computing?
Gartner: “Cloud computing is a style of computing where massively scalable IT-related capabilities are provided 'as a service' across the Internet to multiple external customers”
The 451 Group: “The cloud is IT, presented as a service to the user, delivered by virtualized resources that are independent of location.”
National Institute of Standards and Technology (NIST): “Cloud computing is still an evolving paradigm. Its definitions, use cases, underlying technologies, issues, risks, and benefits will be refined in a spirited debate by the public and private sectors. These definitions, attributes, and characteristics will evolve and change over time.”
6
What is Cloud Computing?
Draft NIST Working Definition of Cloud Computing v15:
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc
Under the direction of the Federal Cloud Computing WG (chaired by Ms. Casey Coleman (GSA CIO), directed by Mr. Vivek Kundra (Federal CIO)).
The Service-Oriented Architecture / Enterprise is a key enabler to achieving a Stateless Cloud Computing environment.
What we can agree on is that Clouds (Cloud
Computing) bring the promise of
Enterprise Power to Users as Services
7
Clouds Services and Related IT Capabilities
Infrastructure Virtualization
SOA
Data Center Consolidation
Utility Computing
ITIL-based Technologies
Parallel Programming
Rich Internet Application Interfaces
Client Device Virtualization
Distributed Computing
Grid Computing
Process Orchestration
Commodity Processing
Infrastructure-as-a-Service
Software-as-a-Service
Data-as-a-Service
Dimensional Indexing
Distributed File Systems
Data.Gov
Messaging Services
Simple Messaging Service
Software Appliances
Leveraging Flexibility and Demand-Focused
IT Capabilities
9
Clouds - What's the Business Case?
[Figure: Relative Per Problem Cost (1X, 10X, 100X…) plotted against Problem Agility (Days, Hours, Minutes, Seconds). Labels in the figure:]
– Dedicated Mission Capabilities
– Redundant Facilities and Capacity; Provisioning and Placement; Infrastructure-as-a-Service (IaaS) Cloud(s) (e.g., Amazon WS, RACE)
– Redundant Licensing and Operations; Software Configuration; Software-as-a-Service (SaaS) Cloud(s) (e.g., Salesforce.com, DKO, Intelink, A-Space)
– Extended Capacity Utilization; Data Collection and Startup; Data-as-a-Service (DaaS) Cloud(s) (e.g., Google Analytics, DNI)
– Core Mission Execution Time; Data Search and Fusion
Cost-Effective Agile Response to Uncertainty
10
Establishing an On-demand Web Scale IT Service is tightly
coupled to extended bandwidth services
Amazon Web Services (AWS)
(Five Years of Planning)
12
Cloud Computing Realities
It is a Disruptive Technology – we need to treat it as such…
A new technology, that radically transforms markets, creates wholly
new markets or destroys existing markets for other technologies.
Not mature – needs 2+ years – This is the time to plan
DoD Acquisition “as a process” could be a significant barrier
(CC is not a weapon system).
Requires planning, pilots, and lessons learned to build a new
(fundamental) understanding of how DoD will migrate legacy
applications and associated data to “Services” hosted in the
Cloud.
Requires adoption of a DoD Platform (as a Service) that delivers
Brutal Standardization in the form of standards, processes,
toolkits, Core Enterprise Services (e.g., Single Sign On, Search,
Publish, Collaboration, etc), and Desktop Virtualization.
13
Cloud Computing Realities
Stateless Cloud Computing Technology? DoD CIO views that as collapsing the desktop (which stores /
manages desktop state resulting from data, applications,
network profile, etc) into the Cloud.
Moving the desktop into the Cloud will pay
HUGE returns – cost savings, agility,
performance, etc, etc…
Offers the potential of saving billions in “provisioning costs” per
year
14
Cloud Opportunities
Infrastructure as a Service
Public Clouds: Fed CIO / GSA
Private Clouds: DISA
Deployable Clouds: Navy (CANES), Army (GNEC)
Other
Cross-cloud solutions: ?
Platform as a Service: ?
Software as a Service
Productivity apps: DoD CIO, Army
Desktop Virtualization: DARPA? DIA?
Web app framework: DoD CIO Storefront
15
Create single NIPRNET access point for DOD CIO to share its
information and knowledge with authorized consumers in the
DOD Enterprise
– Net-centric implementation guidance and tools
– Host/employ emerging Web 2.0 tools
– Create a DoD CIO widget development kit, followed by prototyping and C&A
process (with Forge.Mil) supporting a DoD CIO “Apps Store” (similar to iTunes)
– (n.) widget: modular, loosely-coupled web application designed to run on customizable
net-centric framework, conforming to established guidelines for configuration and
enterprise security
– similar to Google Gadget
DOD CIO Storefront Vision
Become the DOD Enterprise Innovator and Exemplar
17
Goals
1. “The coolest .mil website ever”
Communications channel so compelling
users will keep coming back
As easy as iGoogle; as intuitive as Facebook
2. The DoD Net-Centric platform (Widget Framework & “Apps Store”)
Certified and accredited framework for future web-applications
Enabling creativity and empowering developers
3. Real-world pathfinder for future enterprise applications
Provide “hands on” experience for providing net-centric solutions
4. Influence policy through real-world experience with Net-Centric
capabilities
5. Computing environment intended for multiple security domains
Initial efforts on NIPRnet
18
The Storefront Essentials
Identity management / Single sign-on
The web framework
And developer guidance
First round of widgets
The marketplace
19
Guiding Principles
Cloud Computing Environment
Utilize Open Source/GOTS software
Leverage Partners:
DISA RACE-in-production to provide a robust, elastic, scalable environment
forge.mil to provide a common repository to support DOD development
ICES – Intelink Publish & Search to provide means for making information available
and discoverable
Stand up an Apps Store
Galvanize third-party developers across the DoD Enterprise
20
Spiral 0: 30 days
– Develop storefront system requirements, generate use cases, investigate
technology options
– Identify potential “integration” partners/components
– Identify Cloud source
– Prioritize efforts for Spiral 1
Spiral 1: 90 days
– Stand up initial Storefront prototype in a private cloud computing environment
– Generate net-centric implementation content, begin to organize content within
Storefront
– Develop initial core portlets (i.e., SSO) and services
– Prioritize efforts for Spiral 2
Spiral 2+: 90 days
– TBD
DOD CIO Storefront POA&M
21
Proposed IdM/SSO Framework Architecture
[Figure: architecture diagram. Labels in the figure:]
– Storefront IdM/SSO Framework (OpenSSO): Session Management; Sponsored Account Administration; Coarse-Grained ABAC
– Identity Management Sources: DMDC (DoD/CAC Users); Others
– Authentication: PKI; User ID/Password; Other Auth.
– Federation: SAML; OpenID/OAuth; Liberty Alliance; Other Fed.
– External Service/Widget Providers
– External IdM/SSO Frameworks
– DoD CAC Users; Other Mission Partners; DoD Non-CAC Affiliates
– CRL/OCSP
– Federal PKI (e.g., IC, DHS)
– Storefront Services and Widgets
– Storefront Identity Management Attribute Retrieval Process: automated retrieval of identity attributes from authoritative Identity Management sources
22
Storefront Partnerships
[Figure: partnership diagram. Labels in the figure:]
– Components: Cloud Computing; Knowledge Management; Storefront Widget Framework; Storefront Services; Customized Widgets; Identity Management/Single Sign-On; Content Management System; Storefront Social Networking Service
– Partners and contacts: ES&I Training; Fannie Callands; ES&I ESSF/AANAC; Marty Costellic; DISA PEO-GES; Becky Harris; DISA RACE; Alfred Rivera; UCore; Clay Robinson (DoD CIO); Dan Green (SPAWAR); Other; Mike Todd; Fannie Callands; ICES (Publish and Search); ES&I ICAM; Paul Grant