Archive

ITIL and cloud series: NIST and IBM Cloud Reference Architecture, what and how to

Share this post:

We know what cloud computing is and we have ITIL that guides us for service management. Do we really need any additional model or framework?”

Yes we do! Indeed we need an architecture that helps us in planning, designing, and building a real cloud computing environment with all the capability and information systems to efficiently run it.

IBM Cloud Computing Reference Architecture¹(CCRA) has already been effectively introduced in a blog from Vasfi Gucer. In this blog, I would like to dig a little more and compare IBM CCRA with the NIST CCRA².

Oh no ! One is not enough?”

Bear with me for a moment and you will find it out.

Which one do you prefer?”

That’s an unfair question to be asked to an IBMer.

I think the NIST document is an excellent asset; it is clear and readable, with neat and unambiguous definitions, it is broader, neutral, and will be for sure adopted as a common vocabulary and reference (this is also one of the key added values of ITIL). I will definitely use it with my clients!

On the other side, I have been following the evolution of IBM CCRA since 2009, well before the second version was submitted by IBM to The Open Group and became available to the public. So I know that this architecture overview document is only the tip of the iceberg and that the real asset we use with our client or for implementing our cloud products and offerings is constituted by many additional and specific work products. At the end of this blog I try to give you an idea of its structure.

Also, the IBM CCRA overview (the tip) is neutral, a little more deep for specific concepts, less complete in some areas but with some additional guidelines. In a few words, the NIST CCRA is an excellent what, and the IBM CCRA (the complete one) is a very useful how to.

Where do these architectures come from?”

The IBM CCRA is based on real-world input from many cloud implementations across IBM. Its Architecture Overview document provides a general meta-architecture describing the fundamental architectural building blocks that can be selected based on service and deployment models, and specific solution contexts and requirements. The first release is dated February 2010; the 2.0 release, which is the current and public release, is dated February 2011.

The NIST CCRA was published in September 2011. The team surveyed and completed an initial analysis of existing cloud computing reference models proposed by cloud organizations, vendors, and federal agencies, and developed a neutral model of architectural concepts that could address the US Government needs.

What’re their objectives?”

The IBM CCRA overview document is intended to provide a common, coherent architectural structure that should be used as a basis for any cloud computing project. This allows representing the architecture of any cloud project in a consistent fashion. It also provides a set of architectural principles to define the fundamental principles that must be followed when realizing a cloud.



The wider set of IBM CCRA work products constitute an asset to be used by IBM consultants and architects to help our clients in building cloud solutions. It is also used as specifications for the design of IBM software products and cloud solutions in support of cloud computing environment realization. In addition, it is used to design and implement IBM public cloud offerings. At the same time, it receives input from new development and project experiences. The picture shows how continuous improvement helps ensure that both real-world experiences and technology advancements from IBM Research are integrated into IBM cloud reference architecture and management components.

As stated in the NIST document: “The design of the NIST cloud computing reference architecture serves the following objectives: to illustrate and understand the various cloud services in the context of an overall cloud computing conceptual model; to provide a technical reference to USG agencies and other consumers to understand, discuss, categorize and compare cloud services; and to facilitate the analysis of candidate standards for security, interoperability, and portability and reference implementations.”

NIST declares that the aim is to focus on “what” cloud services need to provide and not on the “how to;” it extends the NIST cloud computing definitions, creating a conceptual model that should be used by US Government agencies to position different vendors offerings, to discuss requirements, to speak a common language, and plan for the proper activities and functions needed to effectively run a cloud computing environment.

What do they look like?”

Well, the diagram colors differ 🙂 … but we notice substantial similarities and several interesting differences derived from the origin and objectives of these two architectures.

Both NIST and IBM architecture overview diagrams describe the components of a cloud computing system and assign them to defined actors.

The IBM architecture introduces three main roles: the Cloud Service Provider, Cloud Service Consumer, and Cloud Service Creator. For each of them, the high-level diagram in the following picture shows the main components; additional diagrams explode each of the actor functions.

The NIST architecture, in the following picture, introduces three new actors: Cloud Broker, Cloud Auditor ,and Cloud Carrier. This is an important addendum and serves to better model the actors and relationships between them that we are seeing in the real market.

The Cloud Service Creator is not mentioned at all and we have to think it as embedded in the Cloud Service Provider role, even if I think it is important to distinguish it because, for example, a cloud service provider can have multiple external ISVs or suppliers playing this role and creating new services.

What are other main differences?”

There are several other differences and I suggest reading both the documents to have a complete picture. More than different, I think they are complementary, and using both is quite useful. Hereafter, I limit my comments to several areas of the two architectures, hoping to stimulate your curiosity and maybe generating some discussion:

  • NIST CCRA does an excellent job in educating about the actors, in showing graphically their relationships, and in describing sample interaction scenarios.
  • IBM CCRA, in its introduction, speaks about cloud and SOA, and shows an interesting positioning of the two reference architectures.
  • When describing the Cloud Consumer, NIST gives a good example of possible cloud services (also summarized in a dedicated appendix); IBM emphasizes the importance of the coexistence of cloud systems and the consumer in-house IT, and focuses on the importance of cloud service integration tools.
  • Speaking about service layers, IBM introduces a forth layer, the Business Process as a Service (BPaaS), on top of the three NIST layers. This layer is important because it describes a wider responsibility from the provider that goes behind the software to deliver the full business process with a cloud computing model. Examples of BPaaS are employee benefit management, business travel, procurement, and also IT-centric processes such as software testing.
  • Both IBM and NIST clearly say that each service layer can stand on its own without relying on a lower cloud service, but I like the NIST representation with L-shaped services that communicate this concept visually.
  • IBM specifies also the importance of third-party services and ecosystem to be integrated into a cloud service provider service layer.
  • NIST puts in evidence, in the service orchestration component, the Resource Abstraction and Control Layer; IBM gives a more detailed view of the Infrastructure component.
  • Security and privacy are a big concern for NIST (see also details about the Auditor role) with dedicated paragraphs describing areas where the US Government agency should focus. IBM details the names of Security, Resiliency and Consumability components but inserts best practices and details in specific work products not accessible to the public. In general, I like the IBM graphic representation of these layers, together with Governance, that underline the importance of designing across actor’s security layer.
  • NIST proposes a useful Cloud Taxonomy to summarize Roles, Activities, Component, and Sub-component. I suggest you can use a similar one for the IBM CCRA or for your own customized CCRA.
  • IBM CCRA adds a helpful chapter with Architectural Principles and Related Guidance.

What about Service Management?”

NIST uses the words Cloud Service Management to describe the component including all the functions needed for the management and operation of cloud services; IBM names it Common Cloud Management Platform (CCMP), probably biased by thinking of all the tools needed to support a strategic and integrated service management for the cloud.

NIST introduces three main components for Cloud Service Management: Business Support, Provisioning/Configuration, and Portability/Interoperability. I like the latter one because it is important to underline this aspect and this is actually missing from the IBM picture.

On the other side, IBM proposes a well-structured decomposition of the Management Platform with functional details for the Business Support Services and Operation Support Services (names derived from the telecommunication world, the model that is closer to the cloud computing model). The benefit of IBM decomposition is to be very close to the ITIL definition and actually I will have to come back with a future blog discussing the differences and a possible mapping. Stay tuned.

I start to understand now… but what about the iceberg? You promised to give us more light about what is there behind the overview document in the IBM CCRA.”

Right, but this blog is becoming too long to cover this topic. I make you another promise to return to describe how we use IBM CCRA for cloud service design. However, I understand your curiosity so let me show you the general structure of work products; it is similar for any IBM Reference Architectures.

The picture gives you an idea also of work product content. As you can see, the Architecture Overview is the conceptual model; the Component Model describes, with greater detail, the functions and activities; and the Operational Model gives you the how to, with details of how to deploy and integrate specific tools. Although this latter layer is of course populated by IBM products, the three layers allow us to more easily assess the client’s current situation: what is missing and how it can be integrated, saving existing investments.

More stories

Why we added new map tools to Netcool

I had the opportunity to visit a number of telecommunications clients using IBM Netcool over the last year. We frequently discussed the benefits of have a geographically mapped view of topology. Not just because it was nice “eye candy” in the Network Operations Center (NOC), but because it gives an important geographically-based view of network […]

Continue reading

How to streamline continuous delivery through better auditing

IT managers, does this sound familiar? Just when everything is running smoothly, you encounter the release management process in place for upgrading business applications in the production environment. You get an error notification in one of the workflows running the release management process. It can be especially frustrating when the error is coming from the […]

Continue reading

Want to see the latest from WebSphere Liberty? Join our webcast

We just released the latest release of WebSphere Liberty, 16.0.0.4. It includes many new enhancements to its security, database management and overall performance. Interested in what’s new? Join our webcast on January 11, 2017. Why? Read on. I used to take time to reflect on the year behind me as the calendar year closed out, […]

Continue reading