HomeBlogsDavid Lane's blog

Behind the Cloud Redux

Jan 04, 2011  By David Lane
 in
Cloud Wheels

Cloud computing is the hot buzz phrase. But as both Shawn Powers and I have pointed out, cloud computing is not a new technology, or even a new implementation of new technology.  But that does not mean it is well understood, either by those who are designing or those who are crying out for it as they follow the yellow-brick road (or the latest issue of PC Week).  As several Anonymous (and not so anonymous) commentators have said, there is a lot more to cloud computing then just hardware, some good data links and some smart coding.

Because cloud computing means different things to different people (and at different times of the day), we need to be clear about our terms.  Our friends at Wikipedia define cloud computing as:
 

Cloud computing is Internet-based computing, whereby shared servers provide resources, software, and data to computers and other devices on demand...


This definition works well enough for me, so let us investigate it a little deeper.  By definition, anything that is Internet-based tends not to have a physical or geographic location associated with it.  For example, when I go to the Linux Journal web page, I am not thinking about Houston, Texas, where the magazine is officially located.  In fact, because so few of us actually live in Houston, I think of the Linux Journal page as not really being anywhere.  This is further emphasized by the vast array of comments from around the world to our musings.

Similarly, when you do a Google search, a good example of cloud computing, you are more likely to be hitting a server cluster located in a data-center more local to your physical (IP based) location than you are to be hitting their servers in California (and I am assuming they have servers in a data center in California).  In both of these examples, the data we are talking about - search returns and generic web pages - are pretty innocuous.  It really does not matter where the servers are located, and there are not any great crushing legal issues related to them.

But when, for example, the Federal government (we will use the US one since that is where I am, but any federal government has the same set of issues) or more importantly, your company, decides it is going to embark on cloud computing, then we as IT professionals need to not only be part of the process, but we need to be asking the tough questions at the beginning, not the day before the switch is thrown.

In cloud computing, location matters.  And so does ownership.  Lawyers need to be involved.  And a lot of careful planning.  Here are some things to consider: Who owns the cloud you are going to utilize?  Are you contracting with a third party for storage or are you building it from scratch.  If local law enforcement show up with a writ demanding the data be turned over, who is responsible for turning over that data?  When?  Under the laws of what state (or country)?  Who owns the data paths?  Is there traffic shaping? How will it affect all the nodes in the cloud?  If you work for an International company, is response in say Singapore going to be the same as response in Virginia or the United Kingdom?  Is it supposed to be?  Who is responsible for ensuring it is.  Can data be uploaded (or downloaded) the same in different countries? (If you think the answer is yes, you need to really look at your data and be sure.  There is a lot of stuff that cannot be exported.)  Is your data sharing disk with someone else's data?  Is there a chance that someone else can get to your data with (or without) your knowledge and what is the exposure of your data if this happens?  And then there are the usual sort of service level agreement questions about access, up-time, backup and recovery, passwords, password recovery, management statistics and the other day-to-day minutia that you need to keep the system running.

Behind the cloud it is still just computers - not the Great and All Powerful Oz - (and data, data connections and us IT professionals), but there is certainly a lot more that needs to be considered before connecting to it.

______________________

David Lane, KG4GIY is a member of Linux Journal's Editorial Advisory Panel and the Control Op for Linux Journal's Virtual Ham Shack

Comments

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

The diffusion of responsibilty.......

KB3QOA's picture
Submitted by KB3QOA (not verified) on Fri, 04/01/2011 - 11:01.

Interesting article. I note with that NIST has even had to define the "cloud", and that so far, they are on revision 15. See http://csrc.nist.gov/groups/SNS/cloud-computing/ I suspect that along with a nebulous definition, come equally nebulous responsibilities. Who gets sued / fired when data leaks out to where it shouldn't ? Or whatever disaster befalls a cloud provider. The opportunities for finger pointing when it all goes wrong increase dramatically, along with the layers of complexity and management.

Everything should be as simple as possible, but no simpler.

I sincerely hope that a major cloud provider, or a government department leaks sensitive data so that we can all really figure out that this emperor really has no clothes......

KB3QOA

Hello, I love reading through

grasdaves's picture
Submitted by grasdaves on Mon, 03/28/2011 - 01:12.

Hello, I love reading through your coaster blog! I wanted to leave a little comment to support you. Wishing you the best of luck for great blog..!Walk Fit Platinum

Great!

niXsup's picture
Submitted by niXsup (not verified) on Sat, 01/29/2011 - 18:44.

Thanks David Lane.
It was worth reading.
A very nice article to put up.

Thanks
niXsup
http://www.nixsup.com

Great post, i really enjoyed

Bitsgh's picture
Submitted by Bitsgh (not verified) on Tue, 01/25/2011 - 01:59.

Great post, i really enjoyed this article. It has kind of brought to bare the serious questions one needs to answer before going out there to talk about cloud computing. Before this post, i really thought, since we normally represent the internet by the cloud, all activities that involves the use of the internet somehow amounted to cloud computing but i now know that there is more to that. Thanks very much for this great piece.

Cloud computing...

Chdslv's picture
Submitted by Chdslv (not verified) on Sat, 01/22/2011 - 11:54.

Gmail for example offers you quite a bit of the cloud (server somewhere in the world) space, so you can store what you want absolutely free, as far as Google won't go bankrupt...Gmail offers the same privacy conditions, so why not use gmail as the cloud server. You can store anything of practically any size in it. You don't have to send the email, you can simply keep your data as drafts, well-organized drafts, and also you can send a email to your "other" gmail account, which would keep the data very well organized, if you plan it well.

So, why pay money to any Internet storing company, for space. This space available in Gmail, Yahoo mail, etc...look at the marker, the gmail free space is growing every second!

Behind the Cloud Redux

video door phone's picture
Submitted by video door phone (not verified) on Thu, 01/20/2011 - 23:26.

I'm really enjoying your posts. This is quite convincing stuff. Great explanation.Its nice to see step by step to understand it. Really appreciate this post. Thanks for sharing and putting the article together. Also, thanks for introducing cloud computing.

A new manner of doing old things

Eduardo's picture
Submitted by Eduardo (not verified) on Wed, 01/05/2011 - 13:24.

Believe me I don't think about cloud as a total marketing global campaign to make a lot of money, using old techs in a brand new golden pack.

There are some new things inside the pack, indeed.

But, it looks like fax machine. Nothing new, in terms of tech(a phone, a thermal print, a modem, etc.) The great steps was to but it all together. And... It made a revolution in the communications.

Happy 2011 - Cheers

true

Marketing Expert's picture
Submitted by Marketing Expert on Thu, 01/13/2011 - 09:45.

True, however this repackaging allows me to work 3 months out of the year from overseas. So nice repackaging making a huge impact on businesses.

I once walked into a data

Anonymous's picture
Submitted by Anonymous (not verified) on Wed, 01/05/2011 - 04:41.

I once walked into a data center and found a floating disembodied green head calling itself Oz, wait I might have been dreaming!

Anyway, great article if only it could be published in the major newspapers to enlighten the masses.

A number of compelling

Anonymous's picture
Submitted by Anonymous (not verified) on Tue, 01/04/2011 - 10:34.

A number of compelling reasons why not to walk around with your head in the clouds.

Webcast
More Resources
How to Build an Optimal Hadoop Cluster to Store and Maintain Unlimited Amounts of Data Using Microservers

Realizing the promise of Apache® Hadoop® requires the effective deployment of compute, memory, storage and networking to achieve optimal results. With its flexibility and multitude of options, it is easy to over or under provision the server infrastructure, resulting in poor performance and high TCO. Join us for an in depth, technical discussion with industry experts from leading Hadoop and server companies who will provide insights into the key considerations for designing and deploying an optimal Hadoop cluster.

Learn More

Sponsored by AMD

White Paper
More Resources
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy

Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6

Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.

Learn more about catching the bad guy in this free white paper.

Learn More

Sponsored by DLT Solutions