Article - Issue 49, December 2011
© David Clark/iStockphoto
The market for cloud computing worldwide was estimated at $14 billion in 2010 and is expected to grow 30% a year to $66 billion by 2016. Many people are still hazy about what clouds are and what they are used for. Nick Coleman, Global Leader of Cloud Security for IBM, examines the advantages and challenges that surround cloud computing and what the future holds for the technology.
Almost everyone who has accessed the internet has also used cloud computing by accessing music or storing files online. The US National Institute of Standards and Technology offers a formal definition:
“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (for example, networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”
Cloud computing is engineering’s answer to delivering computing as a service. In some ways it is similar to having a dedicated car and moving instead to a car sharing pool, where you just pay for what you use.
Over the years, enterprises changed from using mainframes to client/server computing, in which desktop PCs ran programs with data held on multiple servers, often physically distributed throughout organisations.
This model had challenges for both efficiency and also scalability. A major breakthrough to the problem of efficiency came in the shape of virtual machine technology. Although virtualization as a technology had been around for many years, it only started to become widely used in the late 1990s.
This innovation has made it possible to run virtual environments. Virtual machines, pre-configured with database applications, became possible as standard modules that could be run on a pool of servers and rapidly scaled up or down as needed (see Ingenia 43 article Secure hypervisor describing Xen virtual machine monitors).
The result has been the scalable sharing of computing environments by many users (which are sometimes called multi-tenant infrastructures) and the ability to get these environments up and running more rapidly than before.
Improved utilisation of infrastructure has been one benefit in the shift to cloud computing, but another has been speeding the ways applications can be deployed. Cloud computing allows for applications to be tested and run on pre-built cloud infrastructures. Standard virtual machines including operating systems, middleware and applications can be installed very quickly, vastly reducing the time it takes to get to the development and test phase and time to get into production.
For businesses, this can make a big difference: for instance, if they choose not to take on the cost of purchasing the infrastructure outright but hand the computing resource to a cloud service provider much like having the car in a car-pooling scheme with a standard set of cars.
Applications can also be delivered directly from the cloud. Many people are already familiar with this concept, as seen with smart phones where a standard application is available from an application store. These act as preconfigured applications where you are accessing and storing data remotely in the cloud.
Private, public and hybrid clouds
There are many models of cloud computing, ranging from public, private and hybrid clouds to a mix of different models. Public clouds often refer to models that are accessed over the internet, such as the public cloud services offered through Amazon, IBM and Google. Private clouds are often a set of servers, storage, and networking set aside for use by one organisation. Some organisations build private clouds in their own data centres so that they can keep control over their computing infrastructure, while still gaining some cost and speed benefits. Others install hardware in a hosting company’s data centre, so they keep control of what is running on their systems but let the hosting provider worry about the infrastructure issues.
Somewhere in the middle is the hybrid cloud approach that blends aspects of the public and private cloud. In some cases, companies run certain applications in a public cloud but link them to others running on in-house IT systems. Other companies may run an application, such as order processing, in a private cloud and then use a public cloud service to provide extra capacity at busy times of the year, like Christmas might be for a retailer.
Another variety of cloud offering is the community cloud. One might be created for council social services departments, for example, in which many social services departments access a shared resource, but applying security such as strict access controls to ensure that data doesn’t leak.
Engineering cloud computing environments introduce new technology and processes. However, security issues are often considered to be the most significant area to consider.
The challenges include ensuring the right people can access data and applications, ensuring that the infrastructure is protected and reliable, and that users can be confident that the cloud service is trustworthy. This includes concerns about where data is being held, in which jurisdiction or regulatory environment and which requirements apply there.
For the organisation or person buying the cloud service, they no longer have to think in detail about engineering but they do need to consider how the service has been engineered and understand risk factors and where the various responsibilities lie. The user is going from a controlled environment to a new environment with new technologies and a new model of delivery. They have to think, “Where is the data, who has access to it and how will I know?”
The need to ensure cloud solutions and services are separating users correctly is addressed during the design phase. Isolation is built in at the infrastructure level – the network, hypervisor and storage.
Applications also give challenges for security. Codes have to be created and tools put in place to manage applications when they are being placed into the cloud.
Indeed, cloud providers are already starting to engineer security in a different way, introducing concepts such as security analytics to cloud computing environments. This includes using software to mine data and analyse user and service behaviour. The analysis can then be used to identify unusual patterns and alert relevant parties about any detected security issues.
It is likely that more numerous and more varied IT services will be obtained from cloud service providers over the internet. This means many organisations will no longer need to operate their own in-house data centres to the same extent because some or all of their computing can be conducted in a public, private or hybrid cloud. They become free to focus on their core applications or on only those aspects of IT they wish to operate themselves. In the light of this trend, the number of data centres is likely to decrease, fitting more users into smaller spaces.
Data centres delivering cloud computing continue to evolve to increase efficiency and reduce their carbon footprints. To give one example, IBM is currently pursuing extensive research on 3D chip architectures to reduce the space and energy requirements for computing. In 3D chips, processors are stacked on top of each other, thus not only reducing the surface area of the chip but also shortening the communication distance between the processors. This increases the bandwidth for data transmission on the chip many fold.
However, it is cooling that remains a real issue. Complex designs with extremely thin, stacked processors can reach power densities of up to 5 kW/cm3– a power density that exceeds that of any current heat engine, such as an internal combustion engine, by 10 times.
At IBM’s research centre in Zurich, novel concepts to scale cooling technologies for 3D chip stacks are being explored. In test systems, water is piped directly between the individual chip layers through microscopic channels measuring only about 50 microns. Such designs allow 3D stacks of heating elements to be cooled very efficiently with the heat fluxes released by today’s processors. If successful, supercomputers as small as sugar cubes could one day become reality.
In the meantime, much work is being done to supply data centres with renewable sources of energy to draw from. Geothermal energy is being used to cool and power data centres in Iceland. IBM has also recently opened the first solar-powered array designed specifically to run high-voltage data centers in India. The new array is spread over more than 1,800m3of rooftop covering its India Software Lab in Bangalore. The solar array is capable of providing a 50 kW supply of electricity for up to 330 days a year, for an average of five hours a day.
For some IT observers, cloud computing is little more than a return to the old ‘mainframe and dumb terminal’ model of a half a century ago, albeit with a new user interface. The shift to cloud computing is more profound than that, reflecting the consumerisation of IT and the emergence of ‘app stores for business’, from which end users can choose their own IT services. The shift to cloud computing also means a shift in how the computing resource is paid for, from upfront capital investment and software licences to the ‘pay as you go’ model. At the same time, it is enabling more cost-efficient as well as carbon- and energy-efficient technology footprints.
Perhaps the most interesting long-term prospect for cloud computing is that it will enable the aggregation of very large amounts of information from multiple cloud systems for analysis. Take a simple example for smarter energy consumption: You set your electronic devices to charge when the electricity is cheaper, and they are programmed and managed through the cloud.
There are also possibilities for delivering smarter healthcare with a doctor checking your medical results against others’ across the rest of the world to help with diagnosis. Or how about combining a network of sensors in parking spaces across a town or city with a cloud service to help people find out where to park?
Some of this is happening around the world already. The engineering of secure, scalable clouds will enable new platforms and applications to deliver services. It is really about using the possibilities of cloud computing to help drive the achievements you want.