February 3, 2012 | Written by: Maks Strajher
Share this post:
In Part 1 of this blog entry, we covered the first five requirements (self-service portal, service catalog, automated provisioning, complex topology creation and deployment, and Platform-Virtualization management). So, let’s continue with short description of the next five requirements, which are as important for cloud providers as the first five.
6. Usage metering and accounting
The usage metering and accounting part of the management stack understands cost and can track, allocate, and invoice the users based on usage and cost of used shared resources by users. Detailed information and reports of shared resources usage are defined by service providers, and service providers decide how finely to grade data collection. Based on the collected information and delivered reports, service providers are able to bill users.
7. Multi-tenancy: Assuring “service” and tenant isolation
The goal of isolation is to control and enforce separation between the applications, services, and management of various tenants in the virtual space even though tenants might share the same physical management infrastructure, network infrastructure, storage infrastructure, and run-time infrastructure, or span physical devices.
The provider of the cloud environment should be multi-tenant-enabled, providing secure logical separation between clients, and allowing them to have access only to their compute resources. Isolation should address access control, virtual LANs (VLANs), virtual machines, and storage.
8. Security and privacy
Security and privacy are one of the key prohibitory factors for organizations moving their business to the public cloud. Currently, organizations are responsible to define, maintain, and enforce security procedures within the organization. Moving workloads to a public cloud environment can raise security questions within the organization because security becomes a shared responsibility between an organization and the cloud service provider. To some extent, security remains in the organization domain, but mostly becomes the responsibility of the cloud service provider. To move their business to public cloud, organizations should be ensured of security procedures and how those procedures are enforced in the cloud service provider environment.
Recommended security measures that represent best practice implementations for cloud security are as follows:
- Implement and maintain a security program.
- Build and maintain a secure cloud infrastructure.
- Ensure confidential data protection.
- Implement strong access and identity management.
- Establish application and environment provisioning.
- Implement governance and audit management program.
- Implement a vulnerability and intrusion management program.
- Maintain environment testing and validation.
9. Connect, manage, and secure hybrid clouds
Why is this element important for cloud service providers? What about connecting customer’s private cloud environment with cloud provider environment, or between cloud service provider’s environments? When customers consider moving their workloads to a cloud service provider environment, they also consider how to securely connect workloads between cloud service provider (or multiple providers), and the remaining workloads within the customer environments. Cloud service providers have to able to connect and manage various cloud environments in a secure way. I suggest reading the “Service management for hybrid clouds” blog entry, posted by colleague Sebastian Rzepka.
10. Open standards
Standards address inhibitors to cloud adoption by including security, vendor lock-in, and portability. Cloud service providers should ensure that standards used for cloud are open so that customer fears are decreased.
These requirements for success are focused specifically on the provider’s operational capabilities, and cloud environment. Of course, these requirements are not all that is required to become successful – we can consider for example, market condition, market segmentation, and approach.