120 likes | 502 Views
Cloud Computing Discussion: CIO Council Initiative. Casey Coleman – GSA CIO. Cloud Computing Initiative - Objectives. Improve the government's ability to create a transparent, open and participatory government. Organize solutions around the constituent groups being served
E N D
Cloud Computing Discussion: CIO Council Initiative Casey Coleman – GSA CIO
Cloud Computing Initiative - Objectives • Improve the government's ability to create a transparent, open and participatory government. • Organize solutions around the constituent groups being served • Continue the migration towards a services-based environment that is interoperable and standards-based • Enable rapid deployment of technology solutions for the Federal government without developing stove-pipes • Enable scalability for existing and new capabilities • Increase savings through virtualization and economies of scale • Potentially reduce cost of infrastructure, buildings, power, and staffing.
Cloud Computing: Cloud computing is a pay-per-use model for enabling available, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability. A NIST Definition of Cloud Computing • Is accessible via Internet protocols from any computer. • Is always available and scales automatically to meet demand. • Is pay per use or paid by advertisements. • Offers Web or programmatic control interfaces. • Enables full customer self-service.
Core Objectives of Cloud Computing • Security • Scalability • Availability • Performance • Cost-effective • Acquire resources on demand • Release resources when no longer needed • Pay for what you use • Leverage other’s core competencies • Turn fixed cost into variable cost Based on Amazon CTO Werner Vogels - core objectives and principles that cloud computing must meet to be successful:
There are three basic service delivery models that together create the ‘Cloud’ – we are starting with IaaS • Categorizes vendors and services provided according to Cloud Computing Architecture types: • Software as a Service (SaaS): Software deployment model whereby a provider licenses an application to customers for use as a service on demand • Platform as a service (PaaS): Delivery of computing platform & solution stack as a service • Infrastructure as a Service (IaaS): Delivery of computer infrastructure (typically a platform virtualization environment) as a service • SaaS: • Gov-Apps, Internet Services • Blogging/Surveys/Twitter, Social Networking • Information/Knowledge Sharing (Wiki) • Communication (e-mail), Collaboration (e-meeting) • Productivity Tools (office) • Enterprise Resource Planning (ERP) • PaaS: • Application Development, Data, Workflow, etc. • Security Services (Single Sign-On, Authentication, etc.) • Database Management • Directory Services • IaaS: • Networks, Security, Mainframes, Servers, Storage • Telecom Carrier Services • IT Facilities/Hosting Services
Users and Suppliers of the Cloud operate in a services-based environment, where components are modular and interoperable • CITIZEN ENGAGEMENT SERVICES: • Internet Services • Blogging/Surveys/Twitter/Web 2.0 • Info/Knowledge Sharing (Wiki) • Social Networking • GOV’T END USER SERVICES: • Communication (e-mail) • Collaboration (e-meeting) • Productivity Tools (word processing, spreadsheet, etc.) • MANAGEMENT SERVICES: • Security • Identity • Cloud Management • Service Level Agreements (SLAs) • GOV’T APP SERVICES (SaaS): • GovApps • Payment Services • Travel Services • BUSINESS SERVICES (SaaS): • Line of Business Applications (HR, FM, Grants, Budget, Geo, etc.) • Supply Chain Management, ERP • PLATFORM SERVICES (PaaS): • Directory Services, Authentication, Authorization, Single Sign-on • Database Management, Workflow Automation, Scheduling, • Application Development, Testing, Quality Assurance • INFRASTRUCTURE SERVICES (IaaS): • Server/Computing – Hosting Services • Storage • Network-Based Services • Telecom Carrier Services
Different clouds will have to exist to accommodate agency needs and security considerations • Citizen Cloud – Cloud as defined by user access and perspective (not hosting location or data owner) • Public Cloud – Cloud as defined by providers of cloud computing services, i.e. non-government or commercial • Federal Civilian Cloud (i.e. non-DoD/Intel) – Cloud services provided within a established Federal cloud environment with government/commercial providers, managed by one agency, subscribed to many other agencies. Specific attributes may include greater compliance with Federal policy and agency specific cloud services. Additionally, greater interoperability amongst cloud services in the Federal Cloud. Leverages TIC. • National Security Cloud – Managed by a DOD / Intel agency, with government/commercial providers. Traditional national security requirements and applications are provisioned within this cloud environment. Leverages TIC MTIPS providers. • Federal, State, & Local Government Cloud – Cloud services provided to facilitate enhanced government services, public safety, interoperability, and business operations amongst all American government Agencies
What will ultimately be delivered to users? Email, messaging apps, productivity software = Software as a Service (SaaS) • Use cloud-based applications to enable improved productivity, cost reduction, and ubiquity of services • Example: web-based email solutions, allowing functionality such as web folders Payment Services (Permits, Taxes, etc.) Productivity Tools (word processing, spreadsheet, etc.) Messaging/Alert Management (Email, IM, RSS, Web Accessible Voicemail) Web 2.0 Content and Social Media (Blogs, Wikis, Networking
Potential uses of Cloud computing - Citizen Engagement Services & IAAS • Simplify the customer experience – web application “storefront” • Agencies identify their infrastructure and web application requirements using a menu-type screen • Payment is by credit card or requisition • Delivery of a secure environment supported by the selected applications configured for their slice of the cloud. • Front-end user interface based on simple commercial hosting model • Provides access to service agreements negotiated by GSA for free Social Media • Limited one-stop shop site for agencies to: request services, make selection from several vendor options, resulting in auto-provisioned fully functional service IaaS
Issues Identified by the federal Cloud Computing Working Group • Security and Privacy: • Develop appropriate waivers and federal (i.e. non-agency specific) C & A requirements • Modify regulations such as FISMA to accommodate Cloud Computing requirements, e.g. databases and virtualized infrastructure • Technology: • Interoperability standards, such as format, protocols, and security policies need to be developed to ensure that services will be truly modular and will work together both within and between clouds • Architecture and planning should be robust enough to accommodate existing and future infrastructure, databases, and data storage requirements • Business Models and Management: • Guidance, including the value proposition/business case and best practices/lessons learned should be centrally developed to help facilitate agency and government-wide initiatives • Acquisition processes and budgeting should be closely reviewed and optimized to ensure effective adoption of cloud computing services; within these processes, agencies must work actively to prevent the dilution of cloud computing terminology
Top Five Issues – ACT/IAC Cloud Computing Summit • Vendors identified the following issues as most important during the ACT/IAC Cloud Computing Summit • Security issues need to be resolved with each individual provider • Modification to several contracting/purchase vehicles to facilitate the purchase of cloud services • Long lead times for Federal opportunities. • Cost models are aggressive, but may not have an accurate cost model • Improve notification of federal opportunities so that they are easier to find for vendor community.
How do we get there? – Federal Cloud Implementation Components Federal Business Processes Acquisition Budget Process Cloud Development Define Cloud Solutions (Services) Package Service Components Facilitate Procurement Identify Candidate Applications Develop Applications Manage Applications Identify Necessary Data Pursue Virtualized Infrastructure Governance Develop Community of Practice Develop Cloud Adoption Guidelines Leverage Practices Establish MOUs Establish SLAs Manage MOUs and SLAs Develop Standards Implement Standards Manage Standards Manage Policies Develop Policy