Inside cloud computing

Recent study by Yankee Group revealed, by 2014 cloud computing will be $42B market. Much is being talked about cloud computing. Some people believe even today, it is hype, because it uses already established computing technology, others think it is disruptive trend representing the next level in the evolution of the internet. Few years back in Web 2.0 Expo a question was asked “What is cloud computing?”  The answers were captured and uploaded in the YouTube by Joyent, very interesting video. We learn cloud computing definition from users’ perspective; it delivers services to the consumers in a simplified way. As an user you do not need to know how you are getting the service. But the enterprise adopting cloud computing model need to know the detail about: cloud computing architecture, what are the requirements, how to develop, how to implement, what are all benefits, so on and so forth. Here I will look into the basics of cloud computing from a very high level.

The National Institute of Standards and Technology (NIST) provides somewhat more objective and specific definition as depicted in the following picture:

Let’s focus on Cloud computing characteristics, we see, cloud computing architecture has two distinct domains that enable cloud computing.  They are Infrastructure, which is comprised of Network, Server, Storage, and Software. Infrastructure  which will provide on demand self service capability, resource pooling, rapid elasticity, and measured services.  Network component of infrastructure will provide broad network access. Other domain is the end user, who will use the cloud services.  

Infrastructure – On demand Self service: IT Infrastructure needs to provide secured computing resources 24X7 with five nines availability, and should be resilient to enable cloud services. A virtual platform is ideal to provide computing power.

In the Cloud computing era business resilience has moved us from the sense of reacting to recover from an event to becoming impervious to the event. Business continuity focus upon a defensive resilience posture, it consist of three building blocks – Recovery, Hardening and Redundancy – that are widely recognized as vital ingredient for successful business continuity plans. A defensive posture is useful in protecting the organization and its revenue streams but it does not help the bottom line that will support cloud computing environment and overall business growth.

Three further building blocks that support an offensive resilience posture, which are focused upon improving the organization’s competitive position in the cloud environment – Accessibility, Diversification and Autonomic computing. In practice these building blocks can be used all together or in various combinations depending upon need. For example diversifying operations might allow hardening to be limited other than at sites where critical applications and data reside.

Business Resilience should encompass:  continuity, availability, security, recovery and scalability spanning and supporting six discrete layers to support on demand self service for greater QoS to the end users.

IT Infrastructure – Rapid scaling: Scaling an IT infrastructure means managing the performance and capacities of each component within the infrastructure. The basic objectives of scaling a component/system are to:

• Increase the capacity or speed of the component.
• Improve the efficiency of the component/system.
• Shift or reduce the load on the component.
• Improve overall customer experience

Increasing the scalability of one component, the result may change the dynamics of the entire site service; thereby it is moving the bottleneck to another component. The scalability of the infrastructure depends on the ability of each component to scale to meet increasing demands. So we need to take a holistic view of the IT Infrastructure that include server, clustering, network, storage, workload, and understand the application environment.

Infrastructure: Resource pooling is more about computing resource management to support 24X7 and 99.999 availability. This can be accomplished by adopting virtualization technology. Server, storage and network virtualization can support computing resource requirement more efficiently, but to have optimum computing resource and cost/performance perspective it is essential to do right provisioning by adopting just-in-time approach. Remember most virtualization solutions are not efficiently provisioned and adopt just-in-case approach.

To enable measured service an utility computing services require. The utility computing system (also referred to as a utility system or simply a utility) is a system that can automatically create and manage multiple utility computing services (utilities services, for short) on a shared infrastructure.  The infrastructure consists of pool of hardware resources, such as servers, storage, and network appliances, as well as software resources, such as operating systems, middleware, and applications.

Utility computing services is the “pay-as-you-go” model.  To implement this model, one needs a flexible way to meter the services and resources being used. The UMI (Universal Management Infrastructure) architecture, designed to provide common functions that are needed by most, if not all, of the utilities in a utility computing system, includes a critical metering function.  The architecture of the metering system is hierarchical and highly flexible.  The metering service architecture should include how UMI's metering service function is used in the context of utility computing services, for collecting and storing metered data, computing service metrics (which are useful to the data-consuming applications), and feeding the metrics to various consumer modules (e.g., for accounting and billing).

Infrastructure: Broad network access can be accomplished by augmenting existing typical resilient network topology, like point to point connections, mesh configuration, ring configuration, various  fiber  transport to support failover, through newer trend like Yankee Group’s Anywhere IT approach.   

 We need to do lot of work to support the cloud computing model at infrastructure level. Eliminating detail foundation work may deliver Cloud computing for the enterprise faster, but at some point need to take a holistic look and assess the total need to support cloud computing. I am creating a detail approach and reference architecture to enable enterprise cloud computing for our clients. Please contact me for the artifacts. Before closing this article I would like you to think … how SOA, Web services, and Cloud computing fit together? 

Merging EAI, EII, and ETL initiatives can add more values and it is economical

Last August I discussed about enterprise application integration to address CEOs challenge and pain points.  Simplification and Sustainability were the two major concerns for most CEOs in 2010. I think this issue will remain for the next couple of years until enterprise IT environments are fully integrated.  We need to have a single virtualized platform that provides the technical underpinning of the system.  This should be architected from the ground up as a modern, open, web services, services-oriented platform.  The platform sits on top of the existing infrastructure investments and provides one single solution for any business person. Therefore, the magic word is Integration. Adopting right techniques for the integration will be the key to success in the new economy. Platform requires providing universal capabilities to deliver targeted information to knowledge workers, decision-makers, and other business folks in the organization whenever and wherever they need it.  These capabilities enable users across the organization so that regardless of where individuals sit.

Now the challenge is how to make the architecture simple. Most enterprises are struggling to simplify their IT Infrastructure, too many applications, too many systems. Some of them may be redundant. They are not integrated. At the same time business areas trying to unlock the business value of the information for competitive advantage. Business Executives are facing tremendous challenge the information they are getting cannot be trusted because of silos information, or provide miss information due to volume and variety they are having, or reading wrong information due to dynamic nature of the business.  Therefore most IT Organizations are facing three major issues:

(1)    Applications need to be integrated at enterprise level

(2)    Information need to be integrated and consistent throughout the organization

(3)    Information must be trusted across the organization

The best way to approach these issues to look into all three problems are at the same time. Because if we visualize a typical information architecture framework we see three unique services we need in the information integration layer to deliver trusted information on a single glass pan and among others services they are:

(1)    Enterprise Application Integration (EAI) service,

(2)    Enterprise Information Integration (EII) service,

(3)    Extract Transform and Load (ETL) service,

and their unique capabilities in combination address those issues.

For application-to-application integration EAI will provide message-based, transaction-oriented, point-to-point or point-to-hub brokering techniques, EII will provide optimized & transparent data access and transformation layer providing a single relational interface across all enterprise data, and ETL will help set-oriented, point-in-time transformation for migration, consolidation, and data warehousing. The common thread “Transformation” related to data may confuse us. But all three are unique and we need to have all three to create a robust platform to address integration of applications, to provide trusted information, and to provide require business intelligence. This will create a robust foundation for Business Intelligence service.   Looking only to integrate applications is not the right approach to solve BI issue. Furthermore if we think about the use case for EAI, ETL and EII, we will find they define what they do with the data, how they move it and where, and the structure of the entities they work on. Only EAI or only EII or only ETL cannot support CEO’s objective or solve CEO’s pain points. Moreover you will miss the opportunity to explore EII and ETL scope, and improving the data quality at enterprise level.  For detail approach and road map please contact me.

IT Modernization strategy

Service Oriented Architecture is here, Web services is become a leading technology choice to use for implementing SOA. We see web services is the most promising instantiation of service oriented architecture due to the use of open standards, asynchronous processing of decoupled systems, and of course a strong drive towards interoperability. The new trend of architecture style and computing model can be implemented very easily. But how we can get most out of the software and hardware assets that enterprises have invested thus far?  Many organizations are started new endeavor of modernizing their IT. I will try to explore the most challenging areas that enterprise needs to work on.  I think major challenge that enterprise will face:

1. Leveraging existing and use new talent.
2. Using existing codes in new ways and aligning them with the business rules.
3. Changing processes to accommodate new technology
4. Code modernization
5. Simple and complex Multilanguage source code analysis.
6. Architecture and design modernization.
7. Compiler & IDE strategy – Distributed application development.

In summary people process and technology modernization is the core of IT modernization. Therefore IT modernization should be undertaken as a strategic vision and where the new initiatives should adopt new technology.  IT Strategy and road map development need an agile approach and the biggest challenge is how to execute IT Modernization tasks most cost effective manner and without disturbing day-to-day businesses. I have created a detail white paper and a technique paper to help my clients to transform their IT into new paradigm. Please contact me for the white paper on this subject.   

Cloud computing model has created a greater challenge for IT Security professionals

Cloud computing model has created a greater challenge for IT Security professionals. In this article I am exploring various aspects of today’s security solution. When considering security solution we cannot separate IT Security from Business resiliency. How we can make IT environment secured resilient in cloud computing environment? Business resilience has moved us from the sense of reacting and then recovering from an event to becoming impervious to the event. Business continuity focus upon a defensive resilience posture, it consist of three building blocks – Recovery, Hardening and Redundancy – these are widely recognized as vital components  for successful business continuity plans. A defensive posture is useful in protecting the organization and its revenue streams but it does not directly help the bottom line.

An offensive resilience posture also consists of three building blocks, which are focused upon improving the organization’s competitive position – Accessibility, Diversification and Autonomic computing. In cloud computing environment these three components are become more critical, as we need to add security. In practice these building blocks can be used all together or in various combinations depending upon need. For example diversifying operations might allow hardening to be limited other than at sites where critical applications and data reside. Business resilience encompass business as well as IT Operations and it can be thought of as spanning six discrete layers: Strategy, Organization, Process, data/application, technology and facilities/security. We need to consider all six services layers.

Developing a security system model is the first step of architecting security solution. Common Criteria are considered to be the description of the complete function of the security system model. Common Criteria provide a taxonomy for evaluating security functionality through a set of functional and assurance requirements. The Common Criteria include 11 functional classes of requirements:

1.     Security audit

2.     Communication

3.     Cryptographic support

4.     User data protection

5.     Identification and authentication

6.     Management of security functions

7.     Privacy

8.     Protection of security functions

9.     Resource utilization

10.  Component access

11.  Trusted path or channel

These 11 functional classes are further divided into 66 families, each containing a number of component criteria. There are approximately 130 component criteria currently documented, with the recognition that designers may add additional component criteria to a specific design. There is a formal process for adopting component criteria through the Common Criteria administrative body, which can be found at: http://csrc.nist.gov/cc/

The Common Criteria functional criteria are re-aggregated by adopting multiple steps that include removing the class and family structures. An analysis of the 130 component-level requirements in relation to their function within an NIS solution suggests a partitioning into five operational categories or security sub system:

Security audit subsystem:

Solution Integrity Subsystem

Access control subsystem:

Information flow control subsystem:

Identity or credential subsystem

To design this complex security systems need a robust method and security and business continuity group need to work together to architect the secure solution that can sustain today’s cloud computing environment.

Taking infrastructure optimization and virtual world of computing to the next level.

Computing is no longer for the computers, more than half of the world Chips are used by the consumer electronics gear. Object-to-object connectivity has increased tremendously and will grow more.  Number of object and devices connected to internet will grow astronomically.  Primarily shrinking (nanotechnology), thinking (smart technology), tagging (Radio frequency), and feeling (sensors) will lead the IT World to the new world of innovation. The way we Manage information, work with the information, and delivering/capturing information is rapidly changing. We see financial sectors are transforming their information delivery model to a new dimension, competing to capture more customers by delivering superior quality customer satisfaction.  Enterprises are delivering information through multiple channels like Branch, Call center, Electronics, Self-service, and through multiple devices. Multichannel delivery solution module creating opportunity to transform existing architecture into SOA based Architecture and enjoying SOA’s benefit.

Enterprises are changing their work environment to become more productive, utilizing in-house skills and talents more effectively.  Delivery channel is now encompasses rich collaborative capabilities, flexible and open programmability platform, and integrated users’ experience. Most companies have at least 15 different collaborative capabilities. The scope of architecting delivery channel module has expanded and become more challenging. Responsibility of Enterprise Architect has increased they need to map delivery channel module appropriately with the TOGAF framework (assuming TOGAF as a standard frame work), need to enhance governance model, need to integrate multi channel delivery, need Information integration, and hardware/software solution evaluation and adoption.

Optimize delivery channel and delivering consistent information is the biggest challenge. Enterprise Information Integration and channel infrastructure integration will play a big role in optimization outside data center or infrastructure domain. If we take a look into capital market business model, they have typically sell side, buy side and trading exchange. We see primarily six patterns in all the three hubs. Access Integration, Application Integration, and Collaboration, so on and so forth. Optimizing each of these patterns can help to save tremendous amount of cost.  Contact me for detail about optimization and its implementation.  

Banking Industry - Channel integration is the answer to the high quality customers’ experience

World’s leading banks are competing to deliver top quality customer experiences. They are striving to deliver their products faster, low cost, and with higher quality of customer experiences. Cloud computing and SOA infrastructure are adding more value to the transformation of client experiences. New paradigm shift will have many positive impacts on channel infrastructure and delivery model design. Delivery channels in Banking industry have Self service, Branch, Electronics, and Call Center in one end and products like Deposits, withdraw, loan, etc on the product side. Of course there are multiple sub-channels under each major channel. Unfortunately lack of integration across channels is causing tremendous frustration and bad quality of experience to the customers.  Customers are experiencing many touch points with the Bank for a single business process thread that are creating lots of opportunity for integration. If we create a use case model of customer interaction we will see the amount of time, money both bank and customers are spending are significant. It will reveal un-integrated line of business creating fragmented customer interaction. Vendors are coming up with many products to improve customer satisfaction. We need products but products come after completing the required operational model. Multichannel Architecture, Transformation to SOA, and information Integration are the major challenges to the IT. For total solution with road map to accomplish target objectives and vision with new computing model and technology require for this transformation. For the techniques paper on this topic please contact me.

Five New Technologies That Will Change Enterprise Computing

Five New Technologies That Will Change Enterprise Computing