CCSK Guide
27Apr/11Off

Cloud Interoperability: Approaches and Challenges

Numerous governments and enterprises are looking to cloud computing strategies to consolidate their IT infrastructures, cut spending, ensure their IT systems will be scalable and facilitate innovation in services. At the same time, cloud service providers are identifying and addressing the challenges posed by mixed IT environments. Service providers and vendors are finding that they must collaborate more and more, in order to ensure that their products will work well together.

Cloud interoperability ensures that one cloud solution will be able to work with other platforms and applications, as well as with other clouds. This gives customers the flexibility to run applications locally, or in the cloud, or in a combination of the two.

According to Microsoft general manager Craig Shank, who is currently leading interoperability efforts at the company, “There’s a tremendous level of creative energy around cloud services right now – and the industry is exploring new ideas and scenarios together all the time. Our goal is to preserve that flexibility through an open approach to cloud interoperability.”

 

Interoperability Targets

At a basic level, interoperability can be thought of as the ability to use the same tools with a variety of cloud service providers and across various platforms. The concept can be further divided into three interoperability targets:

  1. Application/Service – This refers to how applications and services can be combined, while maintaining some level of resiliency with regards to changes in connectivity and location. It looks at how service providers can maintain the connections necessary for the application to remain viable.
  2. Management – This looks at the APIs that a management application can use to control multiple cloud environments. This target explores how images are delivered between providers; how servers/applications are started/stopped; and how storage can be manipulated.
  3. Image/Data – This is the most commonly referred to target when cloud interoperability issues are raised. It looks at virtual server images, Java applications, or CRM databases, and how they can be deployed on another host without needing modification.

 

Approaches to Interoperability

At a high level, experts have described two approaches to interoperability. These are discussed below.

1. Unified Cloud Interface/Cloud Broker

This approach aims to develop a common or unified cloud computing interface (also referred to as a “cloud broker”).  The cloud broker serves as a common interface for the interactions between remote platforms, networks, systems, apps, services and data.  This model addresses both PaaS and IaaS offerings. The goal of this approach is to facilitate a hybrid cloud computing environment that is decentralized, extensible and secure. This is the approach taken by the Cloud Computing Interoperability Forum (CCIF), which is discussed in further detail below.

2. Enterprise Cloud Orchestration Platform/Orchestration Layer

Currently, every industry is observing the “race to the cloud,” in which thousands of companies are speeding the adoption of their products and services by turning them into cloud services. Experts explain that the reality will soon be that there will be numerous types of clouds (both private and public), that will be further categorized into general-purpose and specialized clouds. This network of clouds will be impossible to use without some type of orchestration. Some early adopters of cloud orchestration include: Cordys, RightScale and CSC.

 

Cloud Computing Interoperability Forum (CCIF)

The not-for-profit Cloud Computing Interoperability Forum was formed to facilitate a global cloud computing ecosystem in which organizations can work together seamlessly and widely adopt cloud computing technologies and services. The Forum is built on the idea that two or more cloud platforms should be able to exchange information in a unified manner, on a common cloud computing interface. The CCIF is made up of a global community of researchers, vendors, architects and end users interested in meeting both business and science requirements.

 

Factors Affecting Interoperability

As interoperability issues emerge, observers have documented significant factors from a range of perspectives – industry, academia, end users and other stakeholders. This highlights the importance for standards bodies, vendors and users to form a consensus on the regulations and standards that are acceptable.

This also points to the reality that there are numerous standards being developed simultaneously and consensus may be difficult, if not impossible, to attain. For instance, large vendors such as Amazon and Microsoft have openly rejected the CCIF agenda, opting instead to develop their own interoperability goals.

As there are a number of different cloud computing models (e.g. SaaS, PaaS, IaaS), this indicates that different standards are needed for each model, rather than one overarching set of standards. Some suggest that leaders need to focus on a core set of standards, and then branch out to more specific areas.

 

Summary

This article looks at the issue of cloud interoperability, which is broadly understood as the ability to take one cloud solution and have it be usable with other platforms, applications and clouds. This ensures that customers are able to leverage the flexibility of cloud computing. There are three interoperability targets: application/service; management; and image/data. Two broad approaches to cloud interoperability are introduced: (1) the Unified Cloud Interface/Cloud Broker Approach and (2) the Enterprise Cloud Orchestration Platform/Orchestration Layer Approach. The article also discusses the role of the Cloud Computing Interoperability Forum (CCIF) and other factors which affect interoperability as well as the development of cloud computing standards.

 

CCSK Exam Preparation

In preparation for the Certificate of Cloud Security Knowledge (CCSK), a security professional should be comfortable with topics related to this post, including:

-          Key Portability Objectives of S-P-I (Domain 6)

-          Lock-In Risk Mitigation Techniques (Domain 6)

-          Differences in S-P-I Models (Domain 10)

 

Enjoy this article?

Consider subscribing to our rss feed!

Tagged as: , , , , , , , , , Comments Off
Comments (0) Trackbacks (0)

Sorry, the comment form is closed at this time.

No trackbacks yet.

» «

Login

Sponsored Links

Tags

access control Amazon Amazon EC2 API audit authentication authorization best practices compliance contracts CSA data breach data breaches data security disaster recovery encryption EU google government IaaS IAM identity identity federation interoperability lock-in management Microsoft open source PaaS portability private cloud provider selection public cloud risk management risks SaaS security SOA standards threats trends vendors virtualization virtual machines vulnerabilities

Archives

Meta



Our mission: Provide reliable and accurate information to cloud security professionals seeking CCSK certification.



We expect individuals seeking the Certificate of Cloud Security Knowledge will find our information specifically targeted at their CCSK pursuit useful. Our test preparation software and forums give candidates a higher chance for success.

Thank you for visiting. Since you're new to the site:
  • Please review the user agreement.
  • Register for the site so you may use the testing services.



    • We hope you find this service useful, and good luck on the exam!