cloud computing architecture and strategy

© 2010 IBM Corporation

Cloud Computing Architecture and Strategy

Gerd Breiter

IBM Distinguished Engineer

[email protected]

06/08/2010

© 2010 IBM Corporation2

Agenda

Introduction

Cloud Computing Reference Architecture

– Cloud Computing Management Platform

– Selected Management Areas

Hybrid Clouds

Customer Projects

Standardization Efforts

Summary

References


The world is getting smarter…

In 2001, there were 60 million transistors for every human on the planet ...

… by 2010 there will be 1 billion transistors per human…

… each costing 1/10 millionth of a cent.

In 2005 there were 1.3 billion RFID tags in circulation…

… by 2010 there will be 33 billion.

Worldwide mobile telephone subscriptions reached 3.3 billion in 2007

One billion camera phones were sold in 2007, up from 450 million in 2006 …

An estimated 2 billion people will be on the Web by 2011 ...

… and a trillion connected objects –cars, appliances, cameras, roadways, pipelines – comprising the "Internet of Things."


Just like introducing the Client/Server model impacted almost everything we

did in IT (operation IT, developing applications, …), Cloud computing has

severe impact on the IT industry

Cloud Computing: The next step in the evolution of IT

1. Centralized Computing: 1960 –– Optimized for sharing, industrial strength, systems management, …

– Managed by central IT organization

– Back office applications involving transactions, shared data bases, …

– Mainframes, supercomputers, minicomputers, …

2. Client/Server: 1985 –– Optimized for low costs, simplicity, flexibility, …

– Distributed management across multiple departments and organizations

– Large numbers of PC-based applications

– PC-based clients and servers, Unix, Linux, ...

3. Cloud Computing: 2010 –– New consumption and delivery model

– Optimized for massive scalability, delivery of services, …

– Centralized model, hybrid service acquisition models

– Supports huge numbers of mobile devices and sensors

– Internet technology-based architecture


= OPTIMIZED BUSINESS

…allowing you to optimize new investments for direct business benefits

AGILITY + BUSINESS & IT ALIGNMENT +SERVICE

FLEXIBILITYINDUSTRY

STANDARDS+

Cloud Computing…

The Industrialization of IT…

= Reduced Cost

….leverages virtualization, automation, standardization and self service to free up operational budget for new investment

=VIRTUALIZATION + AUTOMATION +STANDARDIZATION SELF SERVICE+


Infrastructure-as-a-Service

Platform-as-a-Service

Application-as-a-Service

Servers Networking Storage

Middleware

Collaboration

Financials

CRM/ERP/HR

Industry

Applications

Data Center

Fabric

Shared virtualized, dynamic provisioning

Database

Web 2.0 Application

Runtime

Java

Runtime

Development

Tooling

Cloud Computing Layers

Examples

Business Process-as-a-Service

Employee

Benefits Mgmt.

Industry-specific

Processes

Procurement

Business Travel


Cloud Computing Delivery Models

ORGANIZATION CULTURE GOVERNANCE

Flexible Delivery Models

Public …•Service provider owned

and managed.•Access by subscription

Private …•Privately owned

and managed.•Access limited to

client and its partner network.

Cloud Services

Cloud Computing Model

.… Customization, efficiency, availability, resiliency, security

and privacy

.…Standardization, capital preservation, flexibility and

time to deploy

Hybrid …•Access to

client, partner network, and third party resources


What’s so different about cloud-like Service Management? –Changes in orders of magnitude

Server/Storage

Utilization10-20%

Self service None

Provisioning Weeks

Change

ManagementMonths

Release

ManagementWeeks

Metering/BillingFixed cost

model

Payback period for

new servicesYears

70-90%

Unlimited

Minutes

Days/Hours

Minutes

Granular

Months

TraditionalService Management

Cloud-likeService

Management

Capability From To


Lifecycle of a Cloud Service

IBM / ISV /IT Dept

Subscriber (e.g. Line of Business)

Administrator / SLM

Cloud Service Definition

Service Offering Creation & Registration

Service Catalog Manager

Service Subscription & Instantiation

Subscriber (e.g. Line of Business)

Service Instance Termination

CloudService

Service

Operation

Cloud Management

Platform

Common Resource

Pools


Agenda

Introduction




Hybrid Clouds

Customer Projects


Summary

References


Overview – Cloud Computing Reference Architecture

1. The IBM Cloud Computing Reference Architecture (CC RA) is structured in a

modular fashion (similar to the SOA Reference Model)

– On its highest level of abstraction, it defines a base set of architectural

elements, which are refined to the next level of detail

– This modular approach allows refinement of the CC RA architectural

elements independent from each other by the respective SMEs.

2. The IBM Common Cloud Management Platform Reference Architecture (CCMP RA)

is the reference architecture for the CCMP being one fundamental architectural

elements of the IBM CC RA.


Cloud ServiceDeveloper

Cloud Service Provider

Security & Resiliency

ServiceDevelopment

Tools

Common Cloud Management Platform

OSS – Operational Support Services

Operational-level functionality for management of Cloud Services

BSS – Business Support Services

Business-level functionality for management of Cloud Services

Cloud ServicesIT capability provided to Cloud Service Consumer

(Virtualized) Infrastructure – Server, Storage, Network, FacilitiesInfrastructure for hosting Cloud Services and Common Cloud Management Platform

Cloud ServiceConsumer

Partner Clouds

Consumer

In-house IT

Cloud Computing Reference Architecture (CC RA) – Overview






Partner Clouds

Customer

In-house IT

Consumer

Administrator

Consumer

Business

Manager

Developer

Service Business Manager Service Operations Manager

Consumer

End user

Metering, Analytics & Reporting

Service

Development

Tools

Service Definition Tools

Image Creation

Tools

Change & ConfigurationManagement

Service Automation Management

Virtualization Mgmt

Provisioning

Monitoring &Event Management

IT Asset & License Management

Service Request Management

IT Service Level Management

Image Lifecycle Management

Capacity &Performance Management

Incident & ProblemManagement

BSSBusiness

Support

Services

OSSOperational

Support

Services

Common Cloud Management Platform RA - Details

Service Transition Manager

Service Security Manager Security & Resiliency

Service Delivery Catalog

Service Templates

AP

I

Se

rvic

e D

eliv

ery

Po

rtal

Se

rvic

e D

eve

lop

me

nt P

orta

l

Service Provider Portal

Offering Mgmt

Order Mgmt

General accounting

Customer Mgmt

Entitlement Mgmt

Contract & agreement Mgmt Opportunity to Order

Pricing & Rating

Peering & Settlement

Subscriber Mgmt

Service OfferingCatalog

Invoicing Billing

Cloud ServicesIT capability provided to Cloud Service Consumer

(Virtualized) Infrastructure – Server, Storage, Network, FacilitiesInfrastructure for hosting Cloud Services and Common Cloud Management Platform





Virtualized Infrastructure – Server, Storage, Network, Facilities


Partner Clouds

Customer

In-house IT

Consumer

Administrator

Consumer

Business

Manager

Developer

Service Business Manager Service Operations Manager

Cloud Services

Use

r Inte

rface

Consumer

End user

AP

I

Software-as-a-Service

Platform-as-a-Service

Infrastructure-as-a-Service

Business-Process-as-a-Service

Metering, Analytics & Reporting

Service Provider Portal

Service

Development

Tools

Service Definition Tools

Image Creation

Tools

Configuration Mgmt

Offering Mgmt

Order Mgmt

Accounting & Billing

Customer Mgmt

Entitlements

Contract MgmtSLA

Reporting

Pricing & Rating

Peering & Settlement

Subscriber Mgmt

Service OfferingCatalog

Invoicing


Virtualization Mgmt

Provisioning

Monitoring &Event Management

IT Asset & License Management

Service Request Management

IT Service Level Management

Image Lifecycle Management

Capacity &Performance Management

Incident, Problem &Change Management

BSSBusiness

Support

Services

Se

rvic

e D

eve

lop

me

nt P

orta

l

AP

I

Se

rvic

e D

eliv

ery

Po

rtal

OSSOperational

Support

Services

Service Transition Manager

Service Security Manager Security & Resiliency

Service Delivery Catalog

Service Templates

Cloud Management Platform – Selected Management Problems


– Interpret and Execute Build- and

Management Plans

– Orchestrate Management

Componentry

Image Management

– Design, build and manage

images for cloud services

Security

– Design for Multi-Tenancy

– Protect assets through

Isolation, integrity, image- risk and

compliance management

Usage Metering and Accounting

– Flexible support of delivery

models

Virtualized Resource

Management

– Deploy cloud services on

virtualized resources

– Manage virtual resources

Heat and Power Management

– Control Energy Consumption


En

d t

o E

nd

Servic

e M

an

ag

em

en

t

TADDM

TSAM v7.2 TUAMTivoliMonitoring

Web 2

.0

User

Inte

rface

UsageReports

BillingReports

Tivoli Service Automation Layer

Automate process of instantiating and managing a distributed IT environment.

Workloads

Service measurement Service reporting Usage accounting Auditing and controls

BillingReports

Virtualized Infrastructure Layer

Virtualized resources Virtualized aggregation Physical infrastructure

VM Control

Transaction

Processing

and Database

Technology

Scale

High Transaction Rates

High Quality of Service

Handle Peak Workloads

Resiliency and Security

Analytics and

High Performance

Computing

Technology

Compute intensive

High I/O Bandwidth

High Memory Bandwidth

Floating point

Scale out Capable

Web, Collaboration

and Infrastructure

Technology

Highly Threaded

Throughput-oriented

Scale Out Capable

Lower Quality of Service

Business

Applications

Technology

Scale

High Quality of Service

Large Memory Footprint

Responsive Infrastructure

TPMProvisioning

Mgr

Service AutomationTemplates

ServiceRequest Mgr

ImageLibrary

Work-flows

ServiceAutomation

Mgr

Tivoli Process Automation EngineOrchestration workflows

Typical Cloud Management Platform Middleware Stack

System p / SUN

Storage Network

Hypervisor(PowerVM)

HMC NIMSystem z

Storage Network

HMC

VM

Part

itio

n

VM

Part

itio

nHypervisor

(zVM)

VM

Part

itio

n

VM

Part

itio

n

Cisco UCS

Storage(Vmax)

Network

Hypervisor(vSphere)

UCSManager

VM

Part

itio

n

VM

PArt

itio

n

Storage Network

Hypervisor (KVM, VMware, Xen)

… VM

x86

VM


Traditional Data Center Management vs.“Cloud-like” Management

Core Disciplines

IT Management approach

Administration Tasks

Problem handling

Service Consumer <-> Service Provider

interaction

The overall objective of Cloud-managed data centers is to automate any type of

task or situation (by reducing manual intervention) for increasing flexibility and

reducing operational expenses

Core Metrics Traditionally managed Data

Center

“Cloud-managed” data center

Admin/Server ratio Costs 1:50 – 1:100 1:100’s – 1:1000’s

Time to provide new service instances

& changing them Flexibility

Days / weeks Hours / minutes / seconds

For Cloud-like efficiencies and

flexibility, it is not sufficient to

have the right technology, but

to also use it in the right way!


Agenda

Introduction




Hybrid Clouds

Customer Projects


Summary


Hybrid Cloud Management, Security and Integration

From the Enterprise Client’s perspective:

Management of workloads running off-

premise on clouds

– Management of software applications and

services

(monitoring, events, availability, performanc

e)

– Service Request Management (governance

of service provisioning)

– Dashboard for service visibility

Security for Hybrids

– Control security and resilience of services

(identity

management, compliance, isolation)

Integration of applications & data

– On-premise to off-premise business

application connectivity & governance

– Information exchange and data integration

across the enterprise and clouds

Application and Workload migration

workbench

– Tools to support the migration of workloads

to the cloud

Initial focus for 'Hybrid Cloud': 'Provide clients the ability to manage and integrate workloads and resources on a cloud with their existing processes, management and business systems.'

19

19

IBM + Cast Iron combines enterprise level scalability and support with

rapid on & off premise application integration

Separate technologies to manage application integration

requirements

Fragmented infrastructure/device sprawl

Duplicate integration processes

Today IBM + Cast Iron

Single, integrated platform for on- to on-, on- to off-, and off- to off-

premise application integration

Uniform infrastructure

Shared application integration processes

BPO

Off-Premise outside the Enterprise

Public Clouds

Technologies

Packaged Apps

On-Premise Applications

E-Business Suite

Databases, Web services,

Messaging, App Servers, …

Cast Iron

http://www.netsuite.com/portal/home.shtml

http://www.taleo.com/

http://www-306.ibm.com.wstub.archive.org/software/main/r/data/db2/swg

http://www.mysql.com/


Agenda

Introduction




Hybrid Clouds

Customer Projects


Summary


Emerging Customer Patterns

Advanced enterprises looking

for the “big bang” of Cloud,

with focus on increasing &

optimizing existing

infrastructure utilization

Heavy interest in Health &

Pharma, emerging in FSS

Compelling entry-point

into Cloud

Computing, particularly for

Development /Test

environments,

Very active with

CSP’s, Telco’s. High

Competition

Cloud Service Delivery

Platform

Application / Platform

Service

Self Service Provisioning

Analytics


Self Service Delivery Project – Financial CustomerLow-cost, low-touch self-enablement server provisioning system that leverages automation around virtualized server and storage infrastructure

Image management

Temporarily restore servers for further testing

Improve Efficiency

Improve Quality

Self-service portal with automated

provisioning

Move from traditional high touch provisioning model to a

self-service, full-lifecycle, reservation model with

automated provisioning

Management of the full lifecycle of a server

Systems can be reserved, provisioned and de-

provisioned based on schedule and capacity

systems utilization

systems capacity

Policy management and governance

Consistency of server provisioning and configuration.

Flexibility and control over request/approval

workflows, resource assignment, utilization and

capacity, and cost allocation

time to market

flexibility

systems capacity

time to market

consistency

flexibility

server/admin ratio

consistency

visibility and control

systems capacity

Primary Focus Areas Key MetricsSupporting Capability

•AIX LPARs on IBM p5/6

•Linux and Windows

images on x86


Business Background Solution Overview

Cloud Business Benefit

IBM Tivoli Development Services (TDS) organization

provides IT services for Tivoli and other organizations

in IBM Software Group and Research

IT Footprint had expanded to 24 labs through growth

and acquisitions, creating inefficiencies and increased

expense

Plan to exploit Tivoli capabilities to:

More effectively manage resources and IT services

in the cloud

Innovate new business services through process

transformation

Transformed business and IT processes

Improved competitiveness through faster time to value

and enhanced productivity

Avoided $4.8M in capital expense and $3.1M in

operational expense in 2009 through

consolidation, virtualization and automation

Consolidated 5 of 24 labs, reduced physical space by

8% and built capacity for 1200 virtual machines.

IBM Tivoli Development Cloud implemented with Tivoli

Service Automation Manager, Tivoli Provisioning

Manager, IBM Tivoli Monitoring, Storage Productivity

Center, OMNIbus, Tivoli Business Service

Manager, Tivoli Data Warehouse, Tivoli Performance

Analyzer

Infrastructure includes KVM,VMWare and Hyper-V

based virtualized images on IBM System X hardware

IBM Tivoli Development Cloud

24

SKT’s vision of Cloud Computing

Business Needs Project Objective

Createnew

service offerings

New business service idea

Improve time to market – react to deliver a new IT service quickly, decrease time to deploy systems for new service offerings

Lower development cost – increase resource utilization and reduce labor costs

Find new revenue/profit streams thru embrace a new business service ideas of CP/BP quickly.

-Provide Better and flexible service to users (CP/BP), enabling self-service request and delivering services more rapidly

To leverage CP/BP who has a new business service ideas

-Reduce cost for operations & management and for new investment

“Strengthen the Competitiveness of the SKT Internet Service & Create new business opportunities for

Platform service“

Development

& Production system Infra

Cloud Service Platform

InfraHW/SW

DevTool

Open API

Respond to changes quickly

Speed: Provide resources quickly

Agility:Quickly respond to changes

in IT resource demand

Event/Marketing strategy changeover

Cloud Computing platform needs to be deployed that enables mobile content providers and business

partners with a mobile service idea to develop, test and commercialize new services quickly and

easily.


United States Air ForceMission Oriented Cloud Architecture

Business Background Solution Overview

Business Benefit

• The United States Air Force (USAF) provides aerial, space

and cyber warfare for the United States Armed Forces. The

USAF consists of 10 major commands, 100 military

bases, and 700,000 personal worldwide

• IBM will provide research, design and demonstration a secure

cloud computing infrastructure for the USAF.

• IBM is helping the USAF understand how to

manage, monitor, and secure the information flowing through

the USAF, Department of Defense and other intelligence

agency networks.

• IBM will demonstrate an unprecedented level of

security, network resiliency to the USAF networks.

• The resulting architecture will provide the USAF with an

advanced level of “Situational Awareness” by implementing

sensors, monitors, detection devices, security policy

management, compliance management, and advanced

analytic stream processing.

• The new cloud architecture will reduce the time it takes to

respond to cyber threats by leveraging automated mission

prioritized workload and capacity management systems.

• Demonstration of a security focused cloud computing

architecture that can manage, monitor and secure the

information flowing through the Air Force network.

• Advanced analytic processing from InfoSphere Streams

coupled via sensors, monitors, and other detection devices

• Automated mission prioritized capacity management

• Real-time situational awareness of the cloud environment

• Policy based security compliance reporting and

enforcement

• IBM hardware – System x , BladeCenter, DataPower, ISS

Proventia

• IBM software – Tivoli, Rational, WebSphere and InfoSphere


IBM Technology Adopter’s Portal (IBM TAP)

New

Development

Software

Costs

Power Costs

Labor Costs

HW Costs

Liberated

funding for

new

development

Deployment

Software

Costs

Power Costs

Labor Costs

HW Costs

Without Cloud With Cloud

100%

Current

IT Spend

Strategic

Change

Capacity

Hardware,

labor & power

savings

reduced annual

cost of operation

by 83.8%

Innovation Cloud for 100,000

Subscribers

Reduced Capital Expenditure

Reduce from 488 servers to 55

Reduced Operations Expenditure

Reduce from 15 admins to 2

Additional Benefits:

Enhanced customer service

Less idle time

More efficient use of energy

Acceleration of innovation

projects

Business Case Results


Agenda

Introduction




Hybrid Clouds

Customer Projects


Summary


Service Definitions and Service Instances

28

Tivoli Service Automation Manager

Script Lib JavaLib

TPM WF

Automationassets

---------------------

Service Definition

---------

Data Center Resources

Dispatcher

WebSphere Portal

Portal Search

Content Apps

WebSphere Portal

Portal Search

Content Apps

HTTP Server

Deployment Mgr

Database Server

WebSphere Portal

Portal Search

Content Apps

WebSphere Portal

Portal Search

Content Apps

HTTP Server

Deployment Mgr

Database Server

Database Server

Production

Cluster A

Productio

n Cluster B

DispatcherTest 2

Dispatcher

WebSphere Portal

Portal Search

Content Apps

WebSphere Portal

Portal Search

Content Apps

HTTP Server

Deployment Mgr

Database Server

WebSphere Portal

Portal Search

Content Apps

WebSphere Portal

Portal Search

Content Apps

HTTP Server

Deployment Mgr

Database Server

Database Server

Production

Cluster A

Productio

n Cluster B

DispatcherTest 1

---------------------

Service Instance Test 2

---------------------

---------------------

Service Instance Test 1

---------

OVAs

Service Definition

including a topology model forthe services, and build- andmanagement plans

Service Instances

created from template definitionsin a Service Definition, representingone deployed service

Instantiation

of services from a Service Definition, parameterized throughuser input filling in point ofvariability of the Service Definition

Automation Assets

leveraged by build- andmanagement plans, e.g. OVF images, TPM workflows, scripts, ...


Service Definition provides a model formanaging Cloud Services throughouttheir complete lifecycle:

– Initial Deployment of a service instance

– Operational management of aservice instance (e.g. modify capacity,patch management, upgrades,incident and problem management, etc.)

– Termination of a service instance

Service Topology Template:

– Structural model of a service, i.e. its components and their relationships

– Includes operations that can be invoked on service components as the basis for instrumentation

Build- and Management Plans:

– Process model of how to set up, manage and terminate a service

– Plans are represented in BPMN

Interfaces describing the CRUD operations that can be executed on Cloud Service Definitions and Cloud Service Instances

– For orchestration of the service, and for creation and management of composed services(Hybrid Clouds)

Service Definition Overview


Agenda

Introduction




Hybrid Clouds

Platform Exploitability and Customer Projects


Summary


Summary

Cloud Computing is a disruptive change to the way IT services are delivered… it is about shifting to the third compute model in the evolution of IT

• Service Lifecycle Management based on a Dynamic Infrastructure is the foundation for managing Clouds

A solid Cloud Computing Architecture is required to sucessfully and economically manage Clouds

– Open standards based architecture for the buildout of private, public and hybrid Clouds

– Management of IaaS-, PaaS- and SaaS Clouds

– Build for seamless integration into existing customers environment

• The Journey to Cloud requires an integrated and orchestrated approach

• Customers are adopting Cloud Computing today• Adoption often starts in the Development- and Test Environments

• The Benefits of Cloud Computing are real!


Agenda

Introduction




Hybrid Clouds

Platform Exploitability and Customer Projects


Summary

References


References

Articles downloaded from the Internet

– Michael Armbrust et al., Above the Clouds: A Berkeley View of Cloud Computing, Feb. 2009

• http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.pdf

– Cloud Computing: Platform as a Service. InformationWeek Analytics, October 2, 2009

– Luiz André Barroso and Urs Hölzle, The Datacenter as a Computer: An Introduction to the Design of Warehouse-Scale Machines, Synthesis Lectures on Computer Architecture, 2009, http://www.morganclaypool.com/doi/pdf/10.2200/S00193ED1V01Y200905CAC006?cookieSet=1

– Scott Crowder, Introduction to Workload Optimized Approach & Workload Market Segmentation, IBM White Paper, December 2009

– David Chappell, A short introduction to Cloud, http://www.davidchappell.com/CloudPlatforms--Chappell.pdf

– David Chappell, Cloud Platforms Today: A Perspective, April 2009 http://www.davidchappell.com/CloudPlatformsToday--APerspective--Chappell.pdf

– Jeffrey Dean and Sanjay Ghemawat, MapReduce: Simplified Data Processing on Large Clusters,

• labs.google.com/papers/mapreduce-osdi04.pdf

– DeCandia et al. Dynamo: Amazon’s highly available key-value store, SOSP 2007, http://portal.acm.org/citation.cfm?id=1294281&dl=ACM&coll=ACM&CFID=47859964&CFTOKEN=98797782

– European Network and Information Security Agency (ENISA), Cloud Computing, Benefits, risks and recommendations for information security, Nov 2009 (http://www.enisa.europa.eu)

– Gregor Hohpe, Programming the Cloud, November 2009, http://www.enterpriseintegrationpatterns.com/docs/HohpeProgrammingCloudKeynote.pdf

– Anna Liu, Architecting Cloud Applications – the essential checklist, AAF Keynote 2009,

– National Institute of Standards and Technology, Definition of Cloud Computing, http://csrc.nist.gov/groups/SNS/cloud-computing/

– Ning Duan et al., Tenant Behavior Analysis in Software as a Service Environment, ICSOC 2009

– Daniel Nurmi et al., The Eucalyptus Open-source Cloud-computing System, http://www.cca08.org/papers/Paper32-Daniel-Nurmi.pdf

– Open Cloud Manifesto, http://www.opencloudmanifesto.org/

– OpenNebula.org – Various papers

– B. Rochwerger et al., The Reservoir Model and Architecture for Open Federated Cloud Computing, IBM Journal of Research and Development, April 2009 http://www8.cs.umu.se/~elmroth/papers/ibmjrd2009.pdf

– Werner Vogels, Eventually Consistent, ACM Queue, October 2008

– Ying Huang et al., A Framework for Building a Low Cost, Scalable and Secured Platform for Web-Delivered Business Services, IBM Systems Journal, November 2009

Company Web Sites: Amazon, Microsoft, Google, IBM, Salesforce.com

Gregor Hohpe, Bobby Woolf, Enterprise Integration Patterns, Addison-Wesley 2004

Kristof Kloeckner, Middleware for Distributed Systems, Lecture Notes 2004

Kristof Kloeckner, The IBM Cloud Agenda, White Paper 2009

George Reese: Cloud Application Architectures, O’Reilly 2009

John W. Rittinghouse, James F. Ransome, Cloud Computing. Implementation, Management and Security, CRC Press 2009

Andrew Tanenbaum, Maarten van Steen: Distributed Systems. Principles and Paradigms, Prentice-Hall 2009

Rich Schiesser: IT Systems Management, Prentice-Hall 2002

Jim Rymarczyk, Virtualization, Pre-Print 2009

Tivoli Service Automation Manager Solution Guide

http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.pdf





http://www.morganclaypool.com/doi/pdf/10.2200/S00193ED1V01Y200905CAC006?cookieSet=1

http://www.davidchappell.com/CloudPlatforms--Chappell.pdf



http://www.davidchappell.com/CloudPlatformsToday--APerspective--Chappell.pdf





http://portal.acm.org/citation.cfm?id=1294281&dl=ACM&coll=ACM&CFID=47859964&CFTOKEN=98797782

http://www.enisa.europa.eu/

http://www.enterpriseintegrationpatterns.com/docs/HohpeProgrammingCloudKeynote.pdf

http://csrc.nist.gov/groups/SNS/cloud-computing/



http://www.cca08.org/papers/Paper32-Daniel-Nurmi.pdf





http://www.opencloudmanifesto.org/

http://www8.cs.umu.se/~elmroth/papers/ibmjrd2009.pdf

© 2010 IBM Corporation34 Security and Cloud Computing

● [Allan 10] Allan, D., Hahn, T., Szakal, A., Whitmore, J. and Buecker, A. Security in Development: The IBM Secure Engineering Framework. IBM RedGuide, New York, 2010.

● [Anderson 08] Anderson, R. Security Engineering: A Guide to Building Dependable Distributed Systems (2nd ed). Wiley, Indianapolis, 2008.

● [Bishop 02] Bishop, M. Computer Security, Art and Science. Addison-Wesley, Boston, 2002.

● [BSI 100] BSI-Standard 100-1-4. IT Grundschutz. Bundesamt für Sicherheit in der Informationstechnik, Bonn, 2009.

● [Buecker 09] Buecker, A. et. al. Introducing the IBM Security Framework and IBM Security Blueprint to Realize Business-Driven Security. IBM RedGuide, New York, 2009.

● [Cheswick 03] Cheswick, W., Bellovin, S. and Rubin, A. Firewalls and Internet Security: Repelling the Wily Hacker (2nd ed). Addison-Wesley, 2003.

● [Crawford 10] Crawford, S. High Performers and Foundational Controls: Building a Strategy for Security and Risk Management. EMA White Paper, 2010.

● [Gasser 88] M Gasser: Building a Secure Computer System. Van Nostrand Reinhold, New York, 1988.

● [Goldberg 74] Goldberg, R. P. Survey of Virtual Machine Research. IEEE Computer June. 1974, pp 34-45.

● [IBM 10] IBM X-Force 2009 Trend and Risk Report. IBM, Armonk, February 2010.

● [ISO 27001] ISO/IEC 27001. Information Security Management System. ISO 2005.

● [McGraw 06] McGraw, G. Software Security: Building Security In. Addison-Wesley, 2006.

● [Menezes 96] Menezes, A., van Oorschot, P. and Vanstone, S. Handbook of Applied Cryptography. CRC Press, 1996.

● [OWASP 10] OWASP Top 10 – 2010. The Ten Most Critical Web Application Security Risks. OWASP Foundation, 2010.

● [Stallings 10] Stallings, W. Network Security Essentials: Applications and Standard (4th ed). Prentice Hall, Upper Saddle River, 2010.

References & Reading List: General Information Security

© 2010 IBM Corporation35 Security and Cloud Computing

● [CSA 10] Top Threats to Cloud Computing. Cloud Security Alliance (CSA), 2010.

● [ENISA 09] Cloud Computing: Benefits, Risks and Recommendations for Information Security. European Network and Information Security Agency (ENISA), 2009.

● [ENISA 09a] Cloud Computing Information Assurance Framework. European Network and Information Security Agency (ENISA), 2009.

● [Heiser 09] Heiser J. and Nicolett M. Assessing the Security Risks of Cloud Computing. Gartner Research, 2008

● [IBM 09] IBM Point of View: Security and Cloud Computing. IBM, New York, 2009.

● [Jericho 09] Cloud Cube Model: Selecting Cloud Formations for Secure Collaboration. The Jericho Forum, 2009.

● [Mather 09] T. Mather, S. Kumaraswamy, S. Latif. Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance. O'Reilly, Gravenstein, 2009.

● [Mell 09] Mell, P. and Grance, T. Effectively and Securely Using the Cloud Computing Paradigm. In ACM Cloud Computing Security Workshop, Chicago, 2009.

References & Reading List: General Cloud Security


Thank you!

For more information, please visit:

ibm.com/cloud

Or contact me at:

[email protected]

cloud computing architecture and strategy

Documents